www.thestar.com Open in urlscan Pro
13.32.27.13 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thestar.com/
Effective URL:
https://www.thestar.com/?redirect=true
Submission: On December 15 via api (December 15th 2022, 10:25:46 am UTC) from SE — Scanned from SE

Summary HTTP 484 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 102 IPs in 10 countries across 75 domains to perform 484 HTTP transactions. The main IP is 13.32.27.13, located in United States and belongs to AMAZON-02, US. The main domain is www.thestar.com. The Cisco Umbrella rank of the primary domain is 90929.
TLS certificate: Issued by Trustwave Organization Validation SHA... on September 27th 2022. Valid for: a year.

This is the only time www.thestar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7 62	13.32.27.13 13.32.27.13	16509 (AMAZON-02) (AMAZON-02)
3	143.204.215.46 143.204.215.46	16509 (AMAZON-02) (AMAZON-02)
20	13.32.27.38 13.32.27.38	16509 (AMAZON-02) (AMAZON-02)
1 9	172.217.18.14 172.217.18.14	15169 (GOOGLE) (GOOGLE)
25	18.66.147.30 18.66.147.30	16509 (AMAZON-02) (AMAZON-02)
1	104.18.1.175 104.18.1.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	104.26.6.139 104.26.6.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	129.158.208.173 129.158.208.173	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
11	18.66.97.65 18.66.97.65	16509 (AMAZON-02) (AMAZON-02)
1	172.67.73.13 172.67.73.13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	172.217.16.200 172.217.16.200	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	100.25.1.9 100.25.1.9	14618 (AMAZON-AES) (AMAZON-AES)
1	143.204.214.20 143.204.214.20	16509 (AMAZON-02) (AMAZON-02)
13	51.104.28.77 51.104.28.77	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	88.221.169.143 88.221.169.143	16625 (AKAMAI-AS) (AKAMAI-AS)
2	108.138.7.116 108.138.7.116	16509 (AMAZON-02) (AMAZON-02)
1 3	99.86.4.32 99.86.4.32	16509 (AMAZON-02) (AMAZON-02)
1	65.9.58.133 65.9.58.133	16509 (AMAZON-02) (AMAZON-02)
1	13.227.211.231 13.227.211.231	16509 (AMAZON-02) (AMAZON-02)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
3 4	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
5	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	142.250.185.138 142.250.185.138	15169 (GOOGLE) (GOOGLE)
3	13.107.219.45 13.107.219.45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3 10	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
29	95.101.111.162 95.101.111.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	3.248.100.224 3.248.100.224	16509 (AMAZON-02) (AMAZON-02)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
20	35.190.14.224 35.190.14.224	15169 (GOOGLE) (GOOGLE)
4	172.217.23.110 172.217.23.110	15169 (GOOGLE) (GOOGLE)
2 3	104.16.125.175 104.16.125.175	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.74.195 142.250.74.195	15169 (GOOGLE) (GOOGLE)
6	142.250.186.67 142.250.186.67	15169 (GOOGLE) (GOOGLE)
1	34.247.240.197 34.247.240.197	16509 (AMAZON-02) (AMAZON-02)
2	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
1 1	54.171.1.252 54.171.1.252	16509 (AMAZON-02) (AMAZON-02)
13	63.35.78.131 63.35.78.131	16509 (AMAZON-02) (AMAZON-02)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
3	142.251.5.156 142.251.5.156	15169 (GOOGLE) (GOOGLE)
3	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
4	138.68.96.220 138.68.96.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	165.232.66.42 165.232.66.42	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
3 17	95.101.111.154 95.101.111.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.224.189.100 13.224.189.100	16509 (AMAZON-02) (AMAZON-02)
2	157.240.201.15 157.240.201.15	32934 (FACEBOOK) (FACEBOOK)
9	172.217.16.206 172.217.16.206	15169 (GOOGLE) (GOOGLE)
1	34.120.23.223 34.120.23.223	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
10	142.250.186.68 142.250.186.68	15169 (GOOGLE) (GOOGLE)
6	104.126.37.25 104.126.37.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
11	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 3	37.157.5.142 37.157.5.142	198622 (ADFORM) (ADFORM)
1	44.207.211.100 44.207.211.100	14618 (AMAZON-AES) (AMAZON-AES)
2	185.60.216.35 185.60.216.35	32934 (FACEBOOK) (FACEBOOK)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	104.244.42.197 104.244.42.197	13414 (TWITTER) (TWITTER)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	104.84.56.209 104.84.56.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
14	172.217.23.97 172.217.23.97	15169 (GOOGLE) (GOOGLE)
3	13.107.21.200 13.107.21.200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2.16.238.147 2.16.238.147	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.1.140 151.101.1.140	54113 (FASTLY) (FASTLY)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	151.101.128.84 151.101.128.84	54113 (FASTLY) (FASTLY)
1	151.101.129.140 151.101.129.140	54113 (FASTLY) (FASTLY)
2	65.9.66.56 65.9.66.56	16509 (AMAZON-02) (AMAZON-02)
2 3	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
3	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	67.220.226.234 67.220.226.234	16509 (AMAZON-02) (AMAZON-02)
1	104.22.24.87 104.22.24.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.49.181.242 52.49.181.242	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.129.221 34.111.129.221	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
1	178.250.0.129 178.250.0.129	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.138 178.250.0.138	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.129 178.250.2.129	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
18	178.250.0.130 178.250.0.130	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2 2	52.30.188.40 52.30.188.40	16509 (AMAZON-02) (AMAZON-02)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	18.194.0.5 18.194.0.5	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.197.232 3.126.197.232	16509 (AMAZON-02) (AMAZON-02)
2 2	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
1 1	185.86.137.108 185.86.137.108	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.196.238.199 18.196.238.199	16509 (AMAZON-02) (AMAZON-02)
1	209.191.163.208 209.191.163.208	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	176.34.141.217 176.34.141.217	16509 (AMAZON-02) (AMAZON-02)
2 2	54.229.65.185 54.229.65.185	16509 (AMAZON-02) (AMAZON-02)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
484	102

62 13.32.27.13 (United States) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-13.fra56.r.cloudfront.net

www.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-46.fra53.r.cloudfront.net

prebid.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.32.27.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-38.fra56.r.cloudfront.net

n511.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.18.14 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 18.66.147.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-30.fra60.r.cloudfront.net

images.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.1.175 (None, )

ASN13335 (CLOUDFLARENET, US)

be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.6.139 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 129.158.208.173 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

torstar.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.66.97.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-65.fra56.r.cloudfront.net

resources.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.73.13 (United States)

ASN13335 (CLOUDFLARENET, US)

static.app.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.16.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f200.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.25.1.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-25-1-9.compute-1.amazonaws.com

torstar.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.214.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-20.fra53.r.cloudfront.net

d5phz18u4wuww.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.104.28.77 (London, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

adserver.pressboard.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sr.studiostack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.169.143 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-143.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-116.fra56.r.cloudfront.net

misc.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.32 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-32.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.58.133 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-133.fra56.r.cloudfront.net

d1nxn87txdj54y.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.211.231 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-211-231.ams54.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.219.45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

data.ontario.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 95.101.111.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-162.deploy.static.akamaitechnologies.com

widgets.media.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.248.100.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-100-224.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 35.190.14.224 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 224.14.190.35.bc.googleusercontent.com

query.petametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.110 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f110.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.125.175 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.74.195 (Glen Cove, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.240.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-240-197.eu-west-1.compute.amazonaws.com

torontostarnewspaperslimited.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

s.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.1.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-1-252.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 63.35.78.131 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com

elb.the-ozone-project.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.5.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.68.96.220 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

push.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 165.232.66.42 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

events.kumulos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 95.101.111.154 (Frankfurt am Main, Germany) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-111-154.deploy.static.akamaitechnologies.com

uswidgets.fn.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-100.fra2.r.cloudfront.net

api.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.201.15 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams4.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 172.217.16.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.23.223 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 223.23.120.34.bc.googleusercontent.com

engagefront.theweathernetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.68 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.126.37.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-25.deploy.static.akamaitechnologies.com

img.sportradar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.5.142 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.207.211.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-211-100.compute-1.amazonaws.com

pixel.thestar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.60.216.35 (Ireland)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

adservice.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.197 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.84.56.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-209.deploy.static.akamaitechnologies.com

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

10230056.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.217.23.97 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f97.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.238.147 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-238-147.deploy.static.akamaitechnologies.com

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.140 (United States)

ASN54113 (FASTLY, US)

www.redditstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.84 (United States)

ASN54113 (FASTLY, US)

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.140 (United States)

ASN54113 (FASTLY, US)

alb.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-56.fra56.r.cloudfront.net

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.107.42.14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.229.205.243 (Singapore) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-166.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.226.234 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.22.24.87 (None, )

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.181.242 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.129.221 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com

cr.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.129 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.138 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.129 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.250.0.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.30.188.40 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-188-40.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.0.5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-0-5.eu-central-1.compute.amazonaws.com

crb.kargo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.197.232 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-197-232.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.154.237 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.108 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

ssbsync-global.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.238.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.191.163.208 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 176.34.141.217 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-141-217.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.229.65.185 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-65-185.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
125	thestar.com 7 redirects www.thestar.com — Cisco Umbrella Rank: 90929 n511.thestar.com — Cisco Umbrella Rank: 273219 images.thestar.com — Cisco Umbrella Rank: 108368 resources.thestar.com — Cisco Umbrella Rank: 204853 misc.thestar.com — Cisco Umbrella Rank: 962329 s.thestar.com — Cisco Umbrella Rank: 289988 api.thestar.com — Cisco Umbrella Rank: 321297 pixel.thestar.com — Cisco Umbrella Rank: 368326	3 MB
52	sportradar.com 3 redirects widgets.media.sportradar.com — Cisco Umbrella Rank: 57404 uswidgets.fn.sportradar.com — Cisco Umbrella Rank: 69764 img.sportradar.com — Cisco Umbrella Rank: 38530	697 KB
41	criteo.net static.criteo.net — Cisco Umbrella Rank: 637 pix.eu.criteo.net — Cisco Umbrella Rank: 7930 csm.eu.criteo.net — Cisco Umbrella Rank: 8005	405 KB
32	google.com 1 redirects news.google.com — Cisco Umbrella Rank: 5891 region1.analytics.google.com — Cisco Umbrella Rank: 4762 play.google.com — Cisco Umbrella Rank: 15 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	146 KB
29	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	152 KB
21	petametrics.com cdn.petametrics.com — Cisco Umbrella Rank: 10157 query.petametrics.com — Cisco Umbrella Rank: 10874	70 KB
20	gstatic.com www.gstatic.com fonts.gstatic.com	824 KB
20	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 ad.doubleclick.net — Cisco Umbrella Rank: 161 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297 googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 10230056.fls.doubleclick.net — Cisco Umbrella Rank: 405433 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	230 KB
16	the-ozone-project.com prebid.the-ozone-project.com — Cisco Umbrella Rank: 20328 elb.the-ozone-project.com — Cisco Umbrella Rank: 7829	93 KB
12	studiostack.com sr.studiostack.com — Cisco Umbrella Rank: 45916	29 KB
10	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 481 image6.pubmatic.com — Cisco Umbrella Rank: 716 simage2.pubmatic.com — Cisco Umbrella Rank: 641 image2.pubmatic.com — Cisco Umbrella Rank: 852 simage4.pubmatic.com — Cisco Umbrella Rank: 1176	26 KB
8	kumulos.com push.kumulos.com — Cisco Umbrella Rank: 127837 events.kumulos.com — Cisco Umbrella Rank: 101723	5 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	504 KB
7	criteo.com dis.criteo.com — Cisco Umbrella Rank: 658 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173 ads.eu.criteo.com — Cisco Umbrella Rank: 7675 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12162 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611	105 KB
6	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2773 p1.parsely.com — Cisco Umbrella Rank: 2076	27 KB
6	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 296 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 503 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 912	50 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4712	113 KB
5	permutive.com api.permutive.com — Cisco Umbrella Rank: 1991	798 B
4	google.se www.google.se — Cisco Umbrella Rank: 28747 adservice.google.se — Cisco Umbrella Rank: 64527	1 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	168 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	4 KB
3	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 367 www.linkedin.com — Cisco Umbrella Rank: 633	3 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 775	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 371	12 KB
3	adform.net 2 redirects cm.adform.net — Cisco Umbrella Rank: 1390 c1.adform.net — Cisco Umbrella Rank: 566	1 KB
3	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 793	3 KB
3	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 204 torontostarnewspaperslimited.demdex.net — Cisco Umbrella Rank: 251462	5 KB
3	ontario.ca data.ontario.ca — Cisco Umbrella Rank: 671973	198 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	3 KB
3	cloudfront.net d5phz18u4wuww.cloudfront.net d1nxn87txdj54y.cloudfront.net d1z2jf7jlzjs58.cloudfront.net	58 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 335	798 B
2	avct.cloud 2 redirects ads.avct.cloud — Cisco Umbrella Rank: 2769	996 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 15887	683 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 279	700 B
2	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1318	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 282	964 B
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 480	1 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1546	548 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 211	10 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	529 B
2	weborama.fr 1 redirects cr.frontend.weborama.fr — Cisco Umbrella Rank: 24144	460 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4459	562 B
2	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 910	375 B
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 788	5 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 712	22 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	203 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	170 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
2	blueconic.net torstar.blueconic.net — Cisco Umbrella Rank: 302423	2 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 581	277 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 487	35 B
1	smartadserver.com 1 redirects ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1751	357 B
1	kargo.com crb.kargo.com — Cisco Umbrella Rank: 1591	360 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	47 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 759	610 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 719	266 B
1	zeotap.com mwzeom.zeotap.com — Cisco Umbrella Rank: 2401	382 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 434	724 B
1	reddit.com alb.reddit.com — Cisco Umbrella Rank: 1569	157 B
1	redditstatic.com www.redditstatic.com — Cisco Umbrella Rank: 1448	8 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 564	723 B
1	t.co t.co — Cisco Umbrella Rank: 521	377 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 309	239 B
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 636	15 KB
1	theweathernetwork.com engagefront.theweathernetwork.com — Cisco Umbrella Rank: 1673	309 B
1	everesttech.net 1 redirects cm.everesttech.net — Cisco Umbrella Rank: 954	517 B
1	prmutv.co be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co — Cisco Umbrella Rank: 317426	394 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 389	54 KB
1	pressboard.ca adserver.pressboard.ca — Cisco Umbrella Rank: 71310	789 B
1	app.delivery static.app.delivery — Cisco Umbrella Rank: 48320	32 KB
1	gscontxt.net torstar.gscontxt.net — Cisco Umbrella Rank: 253112	454 B
1	btloader.com btloader.com — Cisco Umbrella Rank: 897	6 KB
1	permutive.app be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app — Cisco Umbrella Rank: 245115	132 KB
0	districtm.io Failed dmx.districtm.io Failed
484	75

	Domain	Requested by
62	www.thestar.com	7 redirects www.thestar.com
29	widgets.media.sportradar.com	www.thestar.com widgets.media.sportradar.com
25	images.thestar.com	www.thestar.com
20	query.petametrics.com	www.thestar.com
20	n511.thestar.com	www.thestar.com n511.thestar.com
19	pix.eu.criteo.net	ads.eu.criteo.com
18	static.criteo.net	ads.eu.criteo.com
17	uswidgets.fn.sportradar.com	3 redirects widgets.media.sportradar.com www.thestar.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.thestar.com a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
14	www.gstatic.com	news.google.com www.gstatic.com www.google.com
13	elb.the-ozone-project.com	prebid.the-ozone-project.com elb.the-ozone-project.com
12	sr.studiostack.com	adserver.pressboard.ca sr.studiostack.com
11	pagead2.googlesyndication.com	ad.doubleclick.net securepubads.g.doubleclick.net www.google.com tpc.googlesyndication.com www.thestar.com a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com www.googletagservices.com
11	resources.thestar.com	www.thestar.com resources.thestar.com
10	www.google.com	www.thestar.com www.gstatic.com www.google.com tpc.googlesyndication.com a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
9	play.google.com	www.gstatic.com
9	news.google.com	1 redirects www.thestar.com news.google.com www.gstatic.com
8	www.googletagmanager.com	www.thestar.com www.googletagmanager.com
6	img.sportradar.com	www.thestar.com
6	fonts.gstatic.com	fonts.googleapis.com news.google.com
6	dev.visualwebsiteoptimizer.com	www.thestar.com dev.visualwebsiteoptimizer.com d5phz18u4wuww.cloudfront.net
6	securepubads.g.doubleclick.net	www.thestar.com securepubads.g.doubleclick.net
5	p1.parsely.com	cdn.parsely.com www.thestar.com
5	api.permutive.com	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
4	csm.eu.criteo.net	ads.eu.criteo.com
4	a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	events.kumulos.com	static.app.delivery
4	push.kumulos.com	static.app.delivery
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagservices.com	www.thestar.com a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
4	ib.adnxs.com	3 redirects be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
3	cm.g.doubleclick.net	3 redirects
3	image2.pubmatic.com	ads.pubmatic.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	ct.pinterest.com	s.pinimg.com
3	bat.bing.com	www.thestar.com bat.bing.com
3	googleads4.g.doubleclick.net	ad.doubleclick.net www.thestar.com
3	www.google.se	www.thestar.com
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	unpkg.com	2 redirects www.thestar.com
3	data.ontario.ca	misc.thestar.com
3	c.amazon-adsystem.com	www.thestar.com c.amazon-adsystem.com
3	sb.scorecardresearch.com	1 redirects www.thestar.com
3	prebid.the-ozone-project.com	www.thestar.com prebid.the-ozone-project.com
2	eb2.3lift.com	2 redirects
2	ads.avct.cloud	2 redirects
2	ad2.360yield.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	x.bidswitch.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	rtb.openx.net	2 redirects
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
2	match.adsrvr.org	ads.pubmatic.com
2	c1.adform.net	2 redirects
2	cr.frontend.weborama.fr	1 redirects ads.pubmatic.com
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	px.ads.linkedin.com	1 redirects
2	cdn.linkedin.oribi.io	snap.licdn.com
2	snap.licdn.com	www.thestar.com snap.licdn.com
2	ads.pubmatic.com	elb.the-ozone-project.com ads.pubmatic.com
2	10230056.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
2	s.pinimg.com	www.thestar.com s.pinimg.com
2	adservice.google.com	securepubads.g.doubleclick.net 10230056.fls.doubleclick.net
2	www.facebook.com
2	connect.facebook.net	n511.thestar.com connect.facebook.net
2	api.thestar.com	www.thestar.com
2	region1.analytics.google.com	www.googletagmanager.com
2	s.thestar.com	resources.thestar.com
2	dpm.demdex.net	resources.thestar.com www.thestar.com
2	fonts.googleapis.com	misc.thestar.com client
2	misc.thestar.com	www.thestar.com misc.thestar.com
2	torstar.blueconic.net	n511.thestar.com
1	ap.lijit.com
1	match.sharethrough.com
1	ssbsync-global.smartadserver.com	1 redirects
1	crb.kargo.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtb.nl.eu.criteo.com	www.thestar.com
1	rtb.fr.eu.criteo.com	www.thestar.com
1	s0.2mdn.net	www.thestar.com
1	um.simpli.fi	ads.pubmatic.com
1	sync.crwdcntrl.net	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	www.linkedin.com	1 redirects
1	alb.reddit.com
1	image6.pubmatic.com	ads.pubmatic.com
1	www.redditstatic.com	www.thestar.com
1	analytics.twitter.com
1	t.co
1	pixel.rubiconproject.com
1	adservice.google.se	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	static.ads-twitter.com	www.thestar.com
1	pixel.thestar.com	connect.facebook.net
1	cm.adform.net
1	ad.doubleclick.net	www.thestar.com
1	engagefront.theweathernetwork.com	www.thestar.com
1	cm.everesttech.net	1 redirects
1	torontostarnewspaperslimited.demdex.net	resources.thestar.com
1	cdn.parsely.com	d1z2jf7jlzjs58.cloudfront.net
1	be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
1	cdn.petametrics.com	www.thestar.com
1	d1z2jf7jlzjs58.cloudfront.net	www.thestar.com
1	d1nxn87txdj54y.cloudfront.net	www.thestar.com
1	z.moatads.com	www.thestar.com
1	adserver.pressboard.ca	www.thestar.com
1	d5phz18u4wuww.cloudfront.net	www.thestar.com
1	static.app.delivery	www.thestar.com
1	torstar.gscontxt.net	www.thestar.com
1	btloader.com	www.thestar.com
1	be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app	www.thestar.com
0	dmx.districtm.io Failed
484	119

This site contains links to these domains. Also see Links.

Domain
pubads.g.doubleclick.net
diversions.thestar.com
www.homefinder.ca
www.tsoffers.ca
toriservices.newscyclecloud.com
torontostar.pressreader.com
www.thestaradvisers.com
www.classroomconnection.ca
pagesofthepast.ca
www.facebook.com
twitter.com
www.youtube.com
www.instagram.com
apps.apple.com
play.google.com
notices.torstar.com

Subject Issuer	Validity	Valid
*.thestar.com Trustwave Organization Validation SHA256 CA, Level 1	`2022-09-27` - `2023-10-19`	a year	crt.sh
*.the-ozone-project.com Amazon	`2022-11-22` - `2023-12-20`	a year	crt.sh
n511.thestar.com Amazon RSA 2048 M02	`2022-11-03` - `2023-12-02`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
permutive.app Cloudflare Inc ECC CA-3	`2022-11-12` - `2023-02-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-05` - `2023-08-05`	a year	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2022-07-04` - `2023-08-05`	a year	crt.sh
*.blueconic.net Amazon	`2022-07-08` - `2023-08-06`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.pressboard.ca Go Daddy Secure Certificate Authority - G2	`2022-03-17` - `2023-03-17`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
cdn.liftigniter.com R3	`2022-10-29` - `2023-01-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.prmutv.co R3	`2022-09-28` - `2022-12-27`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
api.permutive.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
data.ontario.ca Entrust Certification Authority - L1K	`2022-09-21` - `2023-10-18`	a year	crt.sh
widgets.media.sportradar.com R3	`2022-10-18` - `2023-01-16`	3 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.studiostack.com Go Daddy Secure Certificate Authority - G2	`2022-11-16` - `2023-12-18`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
*.liftigniter.com R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
s.thestar.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.ozpr.net Amazon	`2022-05-08` - `2023-06-06`	a year	crt.sh
*.google.se GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.kumulos.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-03` - `2023-06-02`	a year	crt.sh
fn.sportradar.com R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-23` - `2022-12-22`	3 months	crt.sh
engagefront.theweathernetwork.com GTS CA 1D4	`2022-11-06` - `2023-02-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
img.sportradar.com R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
pixel.thestar.com Amazon	`2022-06-08` - `2023-07-07`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-11-25` - `2023-05-25`	6 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
www.redditstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-15`	6 months	crt.sh
*.reddit.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-05-14`	6 months	crt.sh
linkedin.oribi.io Amazon	`2022-07-07` - `2023-08-06`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.dev.kargo.com Amazon	`2022-03-01` - `2023-03-29`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.thestar.com/?redirect=true
Frame ID: 369736D665DCBF5D92E6F8A56855A43A
Requests: 305 HTTP requests in this frame

Frame: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Frame ID: F5C0D9C54D079D3A53730F7A69B7D2B2
Requests: 7 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com
Frame ID: EA1988DB0BE238274E401EEAC7099AA2
Requests: 16 HTTP requests in this frame

Frame: https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0
Frame ID: 67E4855068B07D929E4302D39A67341C
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=elvah88epma3
Frame ID: D9845A139C99A94031D635BD0D88460E
Requests: 4 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
Frame ID: 3632CBE964D412BF0598365DE727DDC2
Requests: 11 HTTP requests in this frame

Frame: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=df84048a-7355-4612-88f5-e98dd000feaf&publisherId=TKN100000001&siteId=4204204311&cb=1671099927303&bidder=ozone
Frame ID: 9982896D0E9D7A0C078DD8395FB35A59
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: D96CD0ABAB8E4C5473C4847A607C26D8
Requests: 1 HTTP requests in this frame

Frame: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 827AA28E0D0A27DDD50176E2B6C0A8D8
Requests: 1 HTTP requests in this frame

Frame: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Frame ID: 1EDAB952412E4D39F60098CAE1009683
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: E33AC8FF42DE3729D9E8C5E88B814CCF
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 702D45146B4EFBCB283C5F3D4C7C7A60
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 372879A1AD26A6D3CB44886DB5806E4F
Requests: 2 HTTP requests in this frame

Frame: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3F1C4F3363FE37E3A716701215DDF16F
Requests: 8 HTTP requests in this frame

Frame: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DD2F2E349EB23B255CB0D84A9CAC8A88
Requests: 9 HTTP requests in this frame

Frame: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 58E9140E241B5522C0DEC4645F5822FF
Requests: 15 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 9BE9F6F44B1EA6DCA6AC901956728C84
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent=
Frame ID: B265C974530EAEAA364987A70368BCC8
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8511140874028250531
Frame ID: 5A61E7F75EF5BBF541E4468D49C0D4D8
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 56340E0F2F9A9CD5E0DA0694670453CC
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 90A0CE72618999F55FD5D206CFFD3EB4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4818220284326262611&gdpr=0&gdpr_consent=
Frame ID: 69FA47262A8298231EB9F1B22CB1E83A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjEsenRATAB&v=APEucNUdrIN8jxatuW6m5l1fHylLm6h5VvDa0E6hKmXbFWdsjFDgpKc8RivbdbPHtReBwtvCccAGg6xIXzTHAcR8DcYSPLIjVA
Frame ID: 921BB06838D2B148B0271256D6704D65
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcYKd8CBAAYqrT3DCwtVzHbmylOoIA&u=%7Cv18m8cqjo2DCyhdJm%2BSX0X9tuEve0jHDpZh%2FFXg%2FKNA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7aefLcYI_J1xv1q1bpt64V1zgX5YlB95IUpUFMG9n6QN16Y0F7wLJ_LdY325Zfyzgfud4RrxhP6wzzfe3TY70GKtEoAoESn7ezudsS27tI0jxGyCMDqhfzDCb24URpljTFrpJO7hbbzjtWzscq98HqVCpsA5c6rMsAJc-lUI0F0uAQ1mSv8swi8BG9tR3ojgkY2XrYv8LMLCF2rZCHihNlGR7GxSNO42nZAbz5Mot_AEQvdxnstn6_-mpl3FbpwerRGw-s2xn1k57S8s5BCtQXmF6OyikZV6OzjL9lN97ew_EenrxJQ4a1P_N2BdFivoE3CMAOj4-UFPdtzraLk5YlVWHC73iO4clRZz_xHnMOu4McgK6-8LhGtw0i5HBL3pik4gLHoS3_DWxm4z3rlxLOVfQtXITDoSMoFpuB5CGYqyEWASbPjJUVjB_47p9LgjydWWd5KAz16EV-1u0lNoY2VDOt2jbXOE3DhvSrUAb9fSkpx5tNmJOoOJ97XKJZfXFgEm47QUIDiu2Z66mpYuKz7KoMgFxuWTC0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHbmHPaaY8ZzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0FWBSoZFIYYE9kiSFOAZuTmFU0BYQr7-E9layAc0e1KMHI549tSFSXKxXQ4-HbpSqjXTksJCfygDYxCoyv3eJp5R9VvTpdjI1nG3FFJ201JgmJFcOpKEitb4o7XDek6DPFUCktqDVlYJb4Goh45tdrRzyjzJmLvcORHRWfJ7z4JrOLYz0aEcz4MVHCEivXwupeQQYLMFu3f4TzH2uvZmX-FrW4uBQHAMyotxKQYNS_7m4bIe2G0K-tG44UP2-RiRgti5YYmdN-L2UcjSClDPG1Mx0EKNqpIMeQ6hxj-xFPUqop-kii3z72RyUX-IHwZ5HaZWxJlG0j_7NLiRZw3QdwvmAbEp0tDojuQRZxn8gUQTxUWQdVQE0HUs6uAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18BdWzaUmn4dZH76MKz8r0J3iRxw%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: 3283AF5D7A85B4F803402E2EF7E96929
Requests: 28 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcsKd8CBAAYqrbRSWd_w3lq1LDJnkw&u=%7Cv18m8cqjo2CWuOo79iCpF1%2BgBGnGHlYG4LQW7SX2w7Q%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7a1viazdIPadplugJ-MRk9s4JM64uwn6mnQoysvxcwABoiZbm9SgQiHbjI266D5gO1Rd2FT7fupZwo-MbipS7C-X6H2nWr3_YrZpmiM_I18G7AdUum7jdkTrOrTunWDv_NoawjN-wCIbTuZ6Wvxtwu3rHLAWpmVnvwDIErTylffUdrZ7EHo_U3MveJ4i46-QAeaHrQg3ryl8z7zEmsAp8on8AWM5MyZ_xDLOFaYfkA2JPx6mSGBLvxGUUAuO9dRTLEzfcGIEugRSCkGWo5B7Mnz3lgRumDMmspzDc0j-CgTDDZv74EEJzIGHmTMEhRn7d-AqVz4OnsWPN2uGkXCsiT1hnYfPTzges4mkSkc6dilVkdYRSOxIdVzuPbogkqNA-jeEfLkMgiE69j7gI4EJbOWUD7xIjcJFksGlGAHQQcfMR1YGaBmA3VKAezS16hHTpaFluzczZ56PaW9lMrE6QjnIgi44FGwTmHTFfM4et6ESG_N706qai6ANzAuR2W5Ah5XKoG6RnHVihpSyaTe6UHSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLT5PHPaaY8tzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0Jsz1p_-SvkFjAC9iXaZZgCIZD1dJbS_43xIswfzIsrYeSKRAAMvVyDTtnqHp2U1sEMY8kU7Jw86bZ4M0VCO2Tzs_0oNGX5tkjJvMVpuG80FVvNFjIuKvvKncs1KMGXRD-80uyj3aZXoEHjWHCsKB3GIiQDvLYNbOWoz9zXHlWV0VGSpFTLT6G3BH-vpIUUH1QuCPYu735w34bhPO16VYzXNdjb3eS9raVNoLx5WhEuzUxaINE4eDp7TrDViK8Tlj3ReJeNZCyGr9jNzLLLonk_xZ865i0sHlqQ7KaT9ytWw4gXVy7dkxxoF1aoUd7pVw_R4QNs_zC2frPfba1NcA5rkPv9sCy6zUZtHg7oxIZrc___76HtrWscYuuAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mCxYOPVZijMPyJ5LjVRZVlPsjdg%26client%3Dca-pub-8188431425509997%26adurl%3D
Frame ID: 34E92515C8208ADC3091A465B750426B
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4BD48192DC2D8F69C6AA2995868B348
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Toronto Star - Breaking News, Toronto News, Ontario News, Canada News

Page URL History Show full URLs

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

484
Requests

94 %
HTTPS

0 %
IPv6

75
Domains

119
Subdomains

102
IPs

10
Countries

7163 kB
Transfer

23320 kB
Size

112
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: http://pubads.g.doubleclick.net/gampad/clk?id=5985467267&iu=/58580620
Title: Sports Betting

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/
Title: fun & games

Search URL Search Domain Scan URL

URL: https://diversions.thestar.com/comics.html
Title: comics

Search URL Search Domain Scan URL

URL: https://www.homefinder.ca/
Title: Homefinder.ca

Search URL Search Domain Scan URL

URL: https://www.tsoffers.ca/
Title: Subscribe to Home Delivery

Search URL Search Domain Scan URL

URL: https://toriservices.newscyclecloud.com/cgi-bin/cmo_tor-c-cmdb-01.sh/custservice/web/login.html?SiteID=TS
Title: Manage Home Delivery Subscription

Search URL Search Domain Scan URL

URL: http://torontostar.pressreader.com/
Title: Star ePaper Edition

Search URL Search Domain Scan URL

URL: https://www.thestaradvisers.com/Portal/default.aspx
Title: Star Advisers

Search URL Search Domain Scan URL

URL: http://www.classroomconnection.ca/
Title: Classroom Connection

Search URL Search Domain Scan URL

URL: http://pagesofthepast.ca/
Title: Toronto Star Archives

Search URL Search Domain Scan URL

URL: https://www.facebook.com/torontostar

Search URL Search Domain Scan URL

URL: https://twitter.com/torontostar

Search URL Search Domain Scan URL

URL: https://www.youtube.com/TorontoStar

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thetorontostar/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ca/app/thestar-com-iphone/id379481068

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.thestar.www

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/privacy-policy/index.html
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://notices.torstar.com/main_terms_of_use_daily_and_community_brands_EN/
Title: Terms of use

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thestar.com/ HTTP 301
https://www.thestar.com/ HTTP 302
https://www.thestar.com/?redirect=true Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=

Request Chain 82

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464194&publicationId=thestar.com HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

Request Chain 100

https://unpkg.com/web-vitals HTTP 302
https://unpkg.com/web-vitals@3.1.0 HTTP 302
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Request Chain 113

https://cm.everesttech.net/cm/dd?d_uuid=45223963162903381240818708520509627918 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5r2FgAAANq8cwOJ

Request Chain 185

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Request Chain 186

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Request Chain 187

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2 HTTP 302
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Request Chain 188

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2 HTTP 302
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Request Chain 189

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2 HTTP 302
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Request Chain 267

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542891 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542891

Request Chain 269

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542893 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542893

Request Chain 271

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542895 HTTP 301
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542895

Request Chain 336

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Request Chain 358

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1671099933014%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%253Fredirect%253Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true

Request Chain 365

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent=

Request Chain 366

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8511140874028250531

Request Chain 368

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 369

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4818220284326262611&gdpr=0&gdpr_consent=

Request Chain 370

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P2GxJjF5SFu33hMZiUZWYw%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 373

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=41730642

Request Chain 374

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y2MUIxMjYtMzE3OS00ODVCLUI3REUtMTMxOTg5NDY1NjYz&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 375

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB3lbQbBbHLSp4pQGCW4zGE&google_cver=1

Request Chain 377

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8075392156318716458

Request Chain 453

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1b7cfcf8-a21a-423d-98d5-5ee4211f2206

Request Chain 459

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1 HTTP 303
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AACv5k7HNewAACEsxACgrA

Request Chain 466

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=b008e06a-f892-41c9-ac81-2d74b34af66f

Request Chain 470

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y5r2ITFKQROx-qxcAE9.AgAA%26717

Request Chain 471

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4818220284326262611

Request Chain 472

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID HTTP 302
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%24UID&verify=true HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-Nd7igZpE2uFQCZVB2W9YQ.LE7QO_PC3zIqRpCGU-~A&gdpr=0&gdpr_consent=

Request Chain 473

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D%5Bssb_sync_pid%5D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=1225131243964191040

Request Chain 477

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=a534d334-083b-40df-8701-87693b31e039

Request Chain 478

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=fc8567c4-55ea-4b69-9508-376bc035e968

Request Chain 479

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4409907857632730871930

484 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thestar.com/
Redirect Chain

http://www.thestar.com/
https://www.thestar.com/
https://www.thestar.com/?redirect=true

623 KB
106 KB

98ms
98ms

Document
text/html

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

1d624ab8c3c164368e105fc17ba9eb43b397d9662ef2db48a8cea085d860037b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-origin: https://amp.thestar.com
age: 102
cache-control: max-age=180
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 10:23:40 GMT
etag: W/"9bad2-S53lLBjOJcyDUx2oqGeoEHRWKYc"
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
vary: Accept-Encoding
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-id: ePPFqsqYevTFbdaZmN7vmW6T9cmB37SRrqYGcVMegj2DfYyL85sC2w==
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
x-frame-options: SAMEORIGIN
x-powered-by: Express

Redirect headers

content-length: 0
date: Thu, 15 Dec 2022 10:25:22 GMT
location: https://www.thestar.com/?redirect=true
server: CloudFront
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-id: EdLnq01WDcX8aVpi2uSikfnyh22-ufK4cAscdVy9c1gIIttgduM7cw==
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront

GET
H2 200 TorstarTextO3-Roman.ttf
www.thestar.com/assets/fonts/ 24 KB
15 KB 77ms
75ms Font
font/ttf 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Roman.ttf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"6028-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: XtOOYNYWTfe7T2F0rzaQNe4APh7cz-SnyK-lXwbKcZpnn9G42VXAZQ==

GET
H2 200 TorstarTextO3-Italic.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 91ms
90ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18316
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"478c-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: X7mw_E2I6yN6BcGhxphjxXiH8E7300xgLm-LX5F6ugdOzwzAA-j4Pg==

GET
H2 200 TorstarTextO3-Bold.woff2
www.thestar.com/assets/fonts/ 18 KB
18 KB 77ms
76ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarTextO3-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:48 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3874
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18276
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4764-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: lsASNCTCGiW3Z6vOc45e1_g-HShzZbMatN2E1t1hPsn3XgUuWTq4sg==

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 80ms
79ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:48 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3874
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 3JI2TK4d5HIQVBIuaPNc_IaUGupfywaU_b3qf58XV3wi9yCyEE0IiA==

GET
H2 200 TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/ 18 KB
19 KB 85ms
84ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4930-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: AdCtn-NYTx8JhYgJfgbvYtVUMG1rD-GcqXJCBfNDoX78AKU7jfMhAA==

GET
H2 200 MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 123ms
122ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: oLwvXtdKWPvzdA93HDXMd5J9ktEvjUHlK2qW7nho9B90QFwoadIdTg==

GET
H2 200 MerriweatherSans-Italic.woff2
www.thestar.com/assets/fonts/merriweather/ 52 KB
53 KB 89ms
88ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Italic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:48 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3874
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 53664
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d1a0-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 8scp-3kpeAHPTO9m_k-ULO5AOjifzqlihzw2NlDbqgNBoTqQc9_gHQ==

GET
H2 200 MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/ 55 KB
56 KB 169ms
169ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: HwyoYJLK7MraFICIH77ohmmm7rOuKY3pMUsj6Ejzs2svHrPrxxcOdA==

GET
H2 200 MerriweatherSans-BoldItalic.woff2
www.thestar.com/assets/fonts/merriweather/ 54 KB
54 KB 172ms
172ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-BoldItalic.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:48 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3874
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54800
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d610-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: gsZ9ubpP44G6nrHHf-tAqgskJyz14PwZ8IEdakHacN-GvkPobgffbw==

GET
H2 200 MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/ 53 KB
54 KB 170ms
168ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/?redirect=true
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3875
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d420-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: zD-MOVt1KQAGWdtS7BYJm6S_fTW83Y1nWnc6L7Gwj-c2G7l_Gnm7ZA==

GET
H2 200 toronto-star-adunits.js Show response
prebid.the-ozone-project.com/hw/torstar/ 4 KB
1 KB 325ms
52ms Script
application/javascript 143.204.215.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 05:12:58 GMT
content-encoding: br
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Fri, 18 Feb 2022 02:13:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 18912
etag: W/"47ec15276ab051ddd124dd65b61efb8f"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: wByqlKkRrJvjUyl-DSvny1cQ3XVYheDUqXWcBADEXw9AqATutwV29A==

GET
H2 200 script.js Show response
n511.thestar.com/ 137 KB
41 KB 204ms
63ms Script
text/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/script.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

33a5aa09fe779bff8e3a2577f8a828b77fe6ede36a6105d835522e752c430d85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:24:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 40
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41761
x-xss-protection: 1; mode=block
last-modified: Thu, 15 Dec 2022 10:24:06 GMT
server: -
etag: 650ec9f28b928d9c5811ca2e58cbcc91
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2u7ANpVtMhPaeY0RIlWDPDvpnHmtiQyjoyEgfgnA6sDaRGAEGE9Ekg==
expires: Thu, 15 Dec 2022 10:34:41 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 149 KB
46 KB 1133ms
55ms Script
text/javascript 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

sffe /

Resource Hash

c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:02:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1361
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46777
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 18:33:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:52:42 GMT

GET
H2 200 john_tory.jpg
images.thestar.com/zn0sANosOXYakkoxGalqJrNYYZw=/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/nobody-cares-about-his-new-strong-mayor-powers-john... 2 KB
2 KB 184ms
52ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zn0sANosOXYakkoxGalqJrNYYZw=/114x76/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/nobody-cares-about-his-new-strong-mayor-powers-john-tory-tells-his-critics/john_tory.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 64d7bbb4fd6818c8927839fd2a3f95a81b4aa6d5792ce8fdb49014d4066da0f9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:04:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 55238
etag: "546eed56cb484610bcf03854ff6a363d3ab1d79c"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1728
x-amz-cf-id: GcBmz8YdQovxE-8JM5bWIM2DDSzz3HfOkuwmS6J6e7MmPBWo-oCx3g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 74.css
www.thestar.com/static/ 6 KB
3 KB 175ms
173ms Stylesheet
text/css 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/74.css?v=7db92b637058f6d7a9ef

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:54:41 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 45041
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 20:06:32 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"19a0-185123eed40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: GM_2Dbi4CiDeLNifVE0w84Y4ZfH0xkNzsa-OHMTKu1vK7EFsotUFfg==

GET
H2 200 bundle.css
www.thestar.com/static/ 405 KB
62 KB 176ms
175ms Stylesheet
text/css 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95d9c0f840509ec5e24c598bdc5f0961fce84623b88b73fcc26821376adb66a0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:54:41 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 45041
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 20:06:32 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"653dc-185123eed40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: VLdjPh-T4EPKyabfMvtd-JNpezizBuqS3_01IpYHTRWLjAuBAvtQVw==

GET
H2 200 be54a597-6b6d-4e2d-9d31-642310a8db25-web.js Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/ 432 KB
132 KB 134ms
55ms Script
application/javascript 104.18.1.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.1.175 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: be54a597-6b6d-4e2d-9d31-642310a8db25
age: 403
x-guploader-uploadid: ADPycdtHC5P13P38LgRhi2X12XXSJG0nut8413W6XrGuKPwK4bwSpR45DZWXsX0aJfGyX8f0cS5d71g0L-iAnmMHSr_HbQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 14 Nov 2022 10:17:23 GMT
server: cloudflare
etag: W/"8f00ae526705181d9b929b25770b0584"
vary: Accept-Encoding
x-goog-generation: 1668421043825607
content-type: application/javascript
x-goog-hash: crc32c=wf3MGw==, md5=jwCuUmcFGB2bkpsldwsFhA==
cache-control: public, max-age=900
x-goog-stored-content-length: 139051
cf-ray: 779e799ec8dd992c-ARN
expires: Thu, 15 Dec 2022 10:40:24 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 234ms
101ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

cfdd75ea6bcd97f0788c01c57f1a34f10d47e0bb5906616872d5e04e4f65f7e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27667
x-xss-protection: 0
server: sffe
etag: "1422 / 701 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Dec 2022 10:25:24 GMT

GET
H2 200 ads.js Show response
www.thestar.com/assets/js/ 22 B
485 B 63ms
56ms Script
application/javascript 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/js/ads.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 07:00:25 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 12299
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 22
last-modified: Wed, 14 Dec 2022 19:59:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"16-1851238ee18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: CzjEmsCUdm1gZd_-eAQ0m0FCiBvP2ybia_PugU4gUH0V40l4hhNayg==

GET
H2 200 tag Show response
btloader.com/ 13 KB
6 KB 166ms
61ms Script
application/javascript 104.26.6.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5071905434894336&upapi=true
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.6.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d24bf9a18070a06663ddde9e60e5833cd3dfa33b34b27da893b621b1df8a56e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 15 Dec 2022 09:58:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1614
etag: W/"61913b35256d19fae3fd309cf77c0ce2"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXGXaNIElfJGKdZ51d%2FnJxiiLBOdZUw1tQVQ%2FB317dMS0lUBkAH5WoZBNXmfrmOCZ8gOT58Iqy3owokVdq1udLTuDHOW84YmxDzadZiIZXgY1bLl7vR3CqVi6xD1Xg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray: 779e799fe987b803-RIX

GET
H2 200 logo-toronto.svg
www.thestar.com/assets/svg/ 7 KB
3 KB 116ms
110ms Image
image/svg+xml 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-toronto.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:52 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3872
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 19:59:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"1df3-1851238ee18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
x-amz-cf-id: O1Hd1R6MsoW1Mwb1uiuieLxy_KHLh3G8OAA9STzC6DguwjO04SqVoA==

GET
H2 200 logo-round-thestar.svg
www.thestar.com/assets/svg/ 589 B
1 KB 149ms
142ms Image
image/svg+xml 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/svg/logo-round-thestar.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:52 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3872
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 589
last-modified: Wed, 14 Dec 2022 19:59:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"24d-1851238ee18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: KFyA_slGbMS9siYANnHMe6Yy2Ahtp91CxKASlcobKD3im-06CEgdtA==

GET
H2 200 john_tory.jpg
images.thestar.com/1yokcVoqIplpYlWUHOxSVrLqEkU=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/nobody-cares-about-his-new-strong-mayor-powers-joh... 18 KB
19 KB 72ms
65ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/1yokcVoqIplpYlWUHOxSVrLqEkU=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/nobody-cares-about-his-new-strong-mayor-powers-john-tory-tells-his-critics/john_tory.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1be5f9054dd4062a5df289191f877e1fb6c0d16d266a2c6a32bdf8da1e13e3c6

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:04:47 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 55237
etag: "6400d84e3842d89181f2b691b9ed88a5bea90400"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 18898
x-amz-cf-id: BIwK99a4nNOooi03dC68ttvsDqyCs6bT_PXYnTChJBtbmWOvNWgxUQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 world-cup-badge-light.svg
www.thestar.com/content/dam/thestar/static_images/editorial/ 8 KB
8 KB 258ms
252ms Image
image/svg+xml 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/content/dam/thestar/static_images/editorial/world-cup-badge-light.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3 /

Resource Hash

0a22786b854937af5820d7e7c893edafd508d2322eae29c8f815a729c8a5df26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
last-modified: Tue, 15 Nov 2022 15:48:56 GMT
server: Apache/2.4.53 () OpenSSL/1.0.2k-fips Communique/4.3.3
x-amz-cf-pop: FRA56-C2
x-cache: RefreshHit from cloudfront
content-type: image/svg+xml
cache-control: max-age=900
content-disposition: attachment; filename="world-cup-badge-light.svg"
accept-ranges: bytes
content-length: 7838
x-amz-cf-id: MptUgEL1cIXWTXoY9C1A0qk-RNPh1GVMAe_jGK9-pSzQ2T2KvtajNQ==
expires: Thu, 15 Dec 2022 10:40:24 GMT

GET
H2 200 vendors~bundle.chunk.js Show response
www.thestar.com/static/ 2 MB
482 KB 62ms
56ms Script
application/javascript 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6686b4baea5858923f283046e32fa3c84e160e9d491c03f2b291e49237ff4762

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:54:41 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 45043
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 20:06:32 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"1b07b1-185123eed40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: xh-Mx6LMNyrz76OvObLTuPrfyLrLxjdW8ShW_hz9U3BYdFPl53K0bw==

GET
H2 200 bundle.js Show response
www.thestar.com/static/ 1 MB
247 KB 62ms
56ms Script
application/javascript 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/bundle.js?v=6094ee53

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

0b6de811826f20d2d8af8845e8d74133a1c718b86a9dab4b2b1c0bb8132a09d3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:54:41 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 45043
x-powered-by: Express
x-cache: Hit from cloudfront
last-modified: Wed, 14 Dec 2022 20:06:32 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"13dfb7-185123eed40"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=86400
x-amz-cf-id: JZ1loHwzAC3RMl57H7gZ2u3hnj0UmY_7oFYmisDRs3wkNoEvsakv7Q==

GET
H2 200 ozpb.js Show response
prebid.the-ozone-project.com/hw/torstar/ 203 KB
63 KB 60ms
54ms Script
application/javascript 143.204.215.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:30:03 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Mon, 21 Mar 2022 18:26:56 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 46522
etag: W/"e08e5a6e68f37184e1c046d32d471d44"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vyZXyosDBg68HI2okxiDcxsM4KQH4Vk_u8b-63S9Hs2AztS50LdNbQ==

GET
H2 200 ozp_global_int.min.js Show response
prebid.the-ozone-project.com/hw/torstar/ 6 KB
3 KB 60ms
55ms Script
application/javascript 143.204.215.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.the-ozone-project.com/hw/torstar/ozp_global_int.min.js
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/toronto-star-adunits.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-46.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 04:59:00 GMT
content-encoding: gzip
via: 1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
last-modified: Thu, 28 Apr 2022 14:10:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 19585
etag: W/"c6e67d08c7c4a89b3155020045b68eb1"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: Qt2I1x3dSBo7m2GkV7rNUS7VjJISvgkmHm5a5xdk2zT9cvCQ-G1TPw==

GET
H/1.1 200
OK channels.cgi Show response
torstar.gscontxt.net/main/ 376 B
454 B 1866ms
135ms Script
application/javascript 129.158.208.173
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://torstar.gscontxt.net/main/channels.cgi?url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 129.158.208.173 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: b1eca01c842d1458d5b19f66a3268e406707fe5cc0fdacf6f207c3e3f97296a9

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 376
Content-Type: application/javascript

GET
H2 200 launch-EN5e55511c260e4c0cb05872ba3729b255.min.js Show response
resources.thestar.com/ 355 KB
77 KB 313ms
67ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:38 GMT
x-amz-version-id: DY.249ycUB3Bhc6vXUnxQlwfkV.KfkUt
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:32:31 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"fad43a398d3c06f6012455992faf0e91"
age: 3166
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: rrlmAdrCKtUrk5QtM5lBrc9aeZQE7pXLBrhCRpFI8xT-5OjeHy3m9g==

GET
H2 200 main.js Show response
static.app.delivery/sdks/web/ 128 KB
32 KB 184ms
74ms Script
application/javascript 172.67.73.13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.app.delivery/sdks/web/main.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.73.13 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1614
content-encoding: br
last-modified: Fri, 26 Nov 2021 12:00:54 GMT
server: cloudflare
etag: W/"61a0cc76-200b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGXDXnphvpebGeNCpHlM41%2FPdKSqkmSO9OFZ04hQWHPJMRSs0oaRGYKqEPrbBhqRh3xWqm4Ghr4lyUs45f6dAB1hdmxKitUaWOkxUu3Vg%2F%2BFncWGo16LX8%2BWi3tv%2FoWORIiiy7M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 779e799ffaf4b80a-RIX
expires: Thu, 15 Dec 2022 10:58:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
88 KB 314ms
75ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

b6fac7e582a3ac8289126a4b8161fa8f2e9be6e47e01857cc147b70b60fedab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89824
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
vary: *
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js_visitor_settings.php Show response
dev.visualwebsiteoptimizer.com/deploy/ 12 KB
3 KB 117ms
56ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: d2c586b036ff3aa56f27aa4e1380cd3c86056d36d9667e46c2094f5d5c2137a7

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Dec 2022 10:25:22 GMT
content-encoding: gzip
via: 1.1 google
server: gams1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 track-89005e590c0ebf15682032cbfc0ab566.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 12 KB
4 KB 58ms
57ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/track-89005e590c0ebf15682032cbfc0ab566.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 1e84ec08e834efe1e1c9df97bbe8ab9451a8df80fd6ecfe29fb44e3d3054a52d

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Dec 2022 10:25:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 14 Dec 2022 14:10:13 GMT
server: gams1
etag: "6399d945-e80"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3712

GET
H2 200 opa-74021bde9081c83799a0980273db90d9.js Show response
dev.visualwebsiteoptimizer.com/analysis/4.0/ 110 KB
28 KB 73ms
72ms Script
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Dec 2022 10:25:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 14 Dec 2022 14:10:03 GMT
server: gams1
etag: "6399d93b-6ff4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28660

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 131ms
127ms Image
image/gif 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=354908&d=thestar.com&u=DC2430979FEF4430A4E04CDECC4F56838&h=62e453effa5a842ef626f5224ecbfbac&r=0.7182830733817971

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv1c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:24 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv1c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 17 B
699 B 583ms
128ms Script
text/javascript 100.25.1.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?&callback=bc_json1010

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.1.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-1-9.compute-1.amazonaws.com

Software

- /

Resource Hash

d613f51ffc0e62b87113c8124e6cd4378221be0846746f472d88cb3cce937556

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 37
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK vis_opt.js Show response
d5phz18u4wuww.cloudfront.net/ 168 KB
56 KB 190ms
60ms Script
text/javascript 143.204.214.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-20.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Thu, 15 Dec 2022 10:11:21 GMT
Content-Encoding: gzip
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 May 2019 08:14:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA53-C1
Age: 908
ETag: "85932b0cd7c8dce121fa1923529a3189"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57240
X-Amz-Cf-Id: Z_T7iOQQCgibpLyEbbIYI6Txg3ubXs_mKpr9IQ7lEwCPpFxt0o9LWA==

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 169ms
57ms Stylesheet
text/css 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:52:41 GMT

GET
H3 200 vis_opt-89005e590c0ebf15682032cbfc0ab566.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 227 KB
64 KB 57ms
57ms Script
text/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-89005e590c0ebf15682032cbfc0ab566.js
Requested by: Host: d5phz18u4wuww.cloudfront.net
URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: 80d12cf6af8354ae86fcb5972f0a07ea9e239a135d83d5534a4026550545d880

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 14 Dec 2022 14:10:13 GMT
server: gams1
etag: "6399d945-10061"
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65633

GET
H/1.1 200
OK embedder Show response
adserver.pressboard.ca/v3/ 351 B
789 B 394ms
69ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:24 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 351
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2 200 moatcontent.js Show response
z.moatads.com/torontocontentstarcontent37863992/ 165 KB
54 KB 281ms
43ms Script
application/x-javascript 88.221.169.143
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/torontocontentstarcontent37863992/moatcontent.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 88.221.169.143 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-169-143.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:22:35 GMT
server: AmazonS3
x-amz-request-id: 31EA48740775C598
etag: "491121b0fb1268b17bdb2c53880291f2"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=33030
accept-ranges: bytes
content-length: 54912
x-amz-id-2: 8hhs+vCZD2zll4I07kFl07NUwG/grOjziIprXcQdATPWtbNQOVG5mHNoX1yRKDoCe/Fog07Zw3s=

GET
H3 200 worker-70faafffa0475802f5ee03ca5ff74179.js Show response
dev.visualwebsiteoptimizer.com/analysis/ 47 KB
13 KB 146ms
99ms XHR
application/javascript 34.96.102.137
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/analysis/worker-70faafffa0475802f5ee03ca5ff74179.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gams1 /
Resource Hash: e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 14 Dec 2022 14:10:03 GMT
server: gams1
etag: "6399d93b-351f"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13599

GET
H2 200 indicator-icon-aggregation.svg
www.thestar.com/assets/img/ 703 B
1 KB 98ms
97ms Image
image/svg+xml 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thestar.com/assets/img/indicator-icon-aggregation.svg

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:21:38 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3826
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 703
last-modified: Wed, 14 Dec 2022 19:59:59 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"2bf-1851238ee18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 2bnvfc9P6D0hzAT-J7JVL2wNUE1Sbocztq4gkTihlhUxGwmkULYkaw==

GET
H2 200 _1refugees_and_migrants_crossing_darien_gap_at_colombia_border.jpg
images.thestar.com/MdAWPaYqmNpsWHf43jFSUUezzY0=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/12/14/the-pandemic-changed-everything-for-migrants-no... 95 KB
95 KB 132ms
114ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/MdAWPaYqmNpsWHf43jFSUUezzY0=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/12/14/the-pandemic-changed-everything-for-migrants-now-its-getting-worse/_1refugees_and_migrants_crossing_darien_gap_at_colombia_border.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09991f35e103cb990cf0ee1dcc434e9b00a42486ef9cfe9ae68975d95f335bd1

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:44:49 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 34835
etag: "6802a81c5759068de46021a9ecc4129b0191fff4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 97074
x-amz-cf-id: Z6_PcKBULq6ka-Qu9waxegIHD9m8ijL2pY5K09w4ssGinYBU_QmYhg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 france_celly_overhead.jpg
images.thestar.com/BhA8ZI7-RNJCJVsAC8biR7-YWVM=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/worldcup/opinion/2022/12/14/moroccos-magnificent-world-cup-run-... 84 KB
85 KB 84ms
66ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/BhA8ZI7-RNJCJVsAC8biR7-YWVM=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/worldcup/opinion/2022/12/14/moroccos-magnificent-world-cup-run-comes-to-an-end-against-france-and-the-stage-is-set-for-a-piece-of-football-history/france_celly_overhead.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6026f648c50f33508e68dd338b9fda571587467342b3de317b96af4b87894c20

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:16:26 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 36538
etag: "3c5ec6d757c7829117f3daebf9787cfebf9f6a50"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 86314
x-amz-cf-id: JEmT7NX0YfZjROQam9kVwyPfCVa2H72brXrqsjireAp4wTni-yjlAA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _20221208_don_gauthier_eatons1051.jpg
images.thestar.com/iAh_fKtk65Br0o6GTdiwnpPsecg=/0x0:1178x785/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/12/14/eatons-christmas-catalogue-was-ama... 58 KB
59 KB 109ms
91ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/iAh_fKtk65Br0o6GTdiwnpPsecg=/0x0:1178x785/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/canada/2022/12/14/eatons-christmas-catalogue-was-amazon-before-there-was-amazon/_20221208_don_gauthier_eatons1051.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1c05f76c5b49f14ca1a334c998abae93ea9bb3513499fe98d33013a3bc075621

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 11:36:23 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 82141
etag: "3244a1c23d98532aafe23179d08abfacc101c8fd"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 59672
x-amz-cf-id: jyJV12D6wemJFX1Jun0fky2VoOo7udOfFIIGQ7tkuvv_cm0ITP0E5g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 hp-widget-2022.html Show response
misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/ Frame F5C0 12 KB
4 KB 232ms
58ms Document
text/html 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b5425fef4de3efe663b669fedc49222d899957394803442eea536408e7016ddc

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

age: 15
content-encoding: gzip
content-type: text/html
date: Thu, 15 Dec 2022 10:25:24 GMT
etag: W/"80c5c323c6908a30d9e9593677b0db6f"
last-modified: Thu, 17 Nov 2022 19:47:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
x-amz-cf-id: W9ebLvhpohL8MknbHidNkYxdEI2uEitB2dt-GKlJd_ZmftVLF60u0g==
x-amz-cf-pop: FRA56-P6
x-amz-meta-version-id: QFRJ.suJzGlOfcwuxfB6o7fU4DaaRVdu
x-amz-version-id: sYODXURp_pcIWjeb7oFHHxQfDt5.qnCH
x-cache: Hit from cloudfront

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 232ms
62ms Script
application/javascript 99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 11:27:15 GMT
content-encoding: gzip
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 82700
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: SshlOE3FJaVti2JDPrDbB3NSSUB73XBjhCJLEgd0WCHSn2e7LOZafw==

GET
H/1.1 200
OK /
d1nxn87txdj54y.cloudfront.net/ 43 B
524 B 690ms
438ms Image
image/gif 65.9.58.133
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1nxn87txdj54y.cloudfront.net/?a=40727dc8cfba4185b5b471b11fed6eb9
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.58.133 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-58-133.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:26 GMT
Via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
Last-Modified: Mon, 22 Apr 2013 19:31:32 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
ETag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
X-Cache: RefreshHit from cloudfront
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 43
X-Amz-Cf-Id: aiksuirxZNdrqiKZslEhi7_Qkj9KGpza3TmdQW00ykHWB8VJRt8G8w==

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 269ms
51ms Script
application/javascript 13.227.211.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.211.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-211-231.ams54.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 06:08:38 GMT
Via: 1.1 5e95d2e6aebe43cabd9dcdad89ad0a42.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS54-C1
Age: 15406
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/javascript
Cache-Control: max-age=86400, public
Accept-Ranges: bytes
X-Amz-Cf-Id: Kd-sbSZU2pyJUHC7mtyftu3apmH1-hcW7mjhdeViBgVmw-5v59r1jQ==
Expires: Fri, 16 Dec 2022 06:08:38 GMT

GET
H2 200 q9fqmmutk5a97trs-nbc.js Show response
cdn.petametrics.com/ 158 KB
46 KB 247ms
31ms Script
application/javascript 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.petametrics.com/q9fqmmutk5a97trs-nbc.js?ts=464194
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
x-amz-version-id: LckRkWNbGAnMM4fPWbwH3UMp93SHfXGQ
last-modified: Tue, 27 Sep 2022 01:29:26 GMT
server: AmazonS3
x-amz-request-id: 70CGR7GHNH5CXVBZ
etag: "5c0507320302161578b77871f0306c36"
x-hw: 1671099924.cds023.sk1.hn,1671099924.cds023.sk1.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400, s-maxage=31536000
accept-ranges: bytes
content-length: 47144
x-amz-id-2: ZoVMpLWVLWbMdCSpxElCkEdm/ApGgr81KGD7oKYnY0O7l0ccOafZZcx0JohD1fgcdIV0fG7STGk=

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 278ms
53ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:16:51 GMT
content-encoding: gzip
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront), 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
last-modified: Wed, 14 Dec 2022 22:39:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 514
x-amz-server-side-encryption: AES256
etag: W/"9678e76b6e6295571547f8fe5df68b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: N4PLxdkb9ZZvEUMjQmnqnEj-vV9YYI4Y9mh8qCnYTGaqOea6WGM36w==

GET
H2 200 Delacourt_Susan_logo2015.JPG
images.thestar.com/tJXg05Cm35eAqatKyRLR8MV1WWQ=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 205ms
103ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/tJXg05Cm35eAqatKyRLR8MV1WWQ=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Delacourt_Susan_logo2015.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9a47117fd6b0fcdcb43d864e3cd4c759a15a2a4050f84f0af1a88983f2765e6a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 18 May 2022 14:14:31 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 18216653
etag: "9105309b6067fab15829790a085e0da3380132a6"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1928
x-amz-cf-id: cRnGG-6Trmbv4AjSoHG1QPFewJqYF8JzsCjJK2Fw0fyaoJaa61jSVQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Elghawaby_Amira_logo2020.jpg
images.thestar.com/oh7ZyuQ8QIWjQwNlJxeRbOF5FCc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 207ms
106ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/oh7ZyuQ8QIWjQwNlJxeRbOF5FCc=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Elghawaby_Amira_logo2020.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d52dbb69e46a929b07778d5deef2008160f131596bcf8496f6c6783488fd0a55

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 09 Oct 2022 16:59:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 5765138
etag: "49ecc2b54a9ac072ebbc83a7c622a5a2caac10a9"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1770
x-amz-cf-id: 4ut9vuEUzLe1zVPTulhsbUBvOtzxeP-W4BgZ2GmEtujI7e1c-X36UQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Menon_Vinay_logo2012.jpg
images.thestar.com/FuWnbm-bnV211ScQjqBBSy07PH4=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 221ms
121ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/FuWnbm-bnV211ScQjqBBSy07PH4=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Menon_Vinay_logo2012.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 435f5b4b6bdad2aa44d4ca12e35984cf3e7d635aef0eb87b60fec70ada20ed8a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 17:52:53 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 6453151
etag: "6b43ce8a11191e4badf0588876579df6df7eee65"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1952
x-amz-cf-id: aDk1uNXMYh-KHuvjhiASpJrWptIPMp52gfdb21LYiANs9mzG_n5mtQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Keenan_Ed_logo2022.JPG
images.thestar.com/ehj3IqERoRybEG9UNWt1hcbAawg=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/ 2 KB
2 KB 283ms
183ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ehj3IqERoRybEG9UNWt1hcbAawg=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/columnist_logos/Keenan_Ed_logo2022.JPG
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3db1717afa872b8234dc813f0846b032eeac02c1aa5ebdf26ae46c2f2c8219bb

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 20:52:07 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 7392797
etag: "73160d5c3a6ec2324f5c6fe10401d858ceb2e018"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 1802
x-amz-cf-id: JdFWbA3EieHKZBXIvWhSaBVrmbSBjmJIpBTPbSaD1PfPsW04XKDNtA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 composite.png
images.thestar.com/5Bp0r1vmrJFs9Js86raqJkQqryg=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/horrified-pastor-of-east-end-toronto-... 60 KB
60 KB 214ms
114ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/5Bp0r1vmrJFs9Js86raqJkQqryg=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/horrified-pastor-of-east-end-toronto-church-speaks-out-about-antisemitic-graffiti-found-outside/composite.png
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8bc7ac2277df8fd580df4df070bf294bbd9440131ae0766b7542b27b82caf59a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 21:30:39 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 46485
etag: "2351a4533323f6f809879634f5f1b71491b7417b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 61342
x-amz-cf-id: OWfzq_L9X7YRpnVR_hUHQSqTl15dgNpnbLa3PaIeCLyHpP0I_Gvqsw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 police_at_school.jpg
images.thestar.com/zt052HSB7pgwdJbG6Xl0Upm9Zss=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/province-and-tdsb-discuss-how-to-lessen-school-vio... 38 KB
38 KB 204ms
104ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zt052HSB7pgwdJbG6Xl0Upm9Zss=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/14/province-and-tdsb-discuss-how-to-lessen-school-violence-amid-growing-concerns/police_at_school.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b6b6cfc47a537a834e72a6ac6d4161e9353f05b55b3d3115e72a70d87a43c9a7

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 02:16:25 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 29339
etag: "b890d5f54f08e8d79930da3d63685344121c34ed"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 38800
x-amz-cf-id: xeiVeGCynYJv4sqlW3wuJDQYBz3I1_-itVqmmR8ZhgRuHzleEmV20w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 fireworks.jpg
images.thestar.com/ZUzuyS58FuoWO_YlB5rCSHqsncY=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/toronto-will-hold-2-fireworks-display... 30 KB
30 KB 204ms
105ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/ZUzuyS58FuoWO_YlB5rCSHqsncY=/0x0:1200x800/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/toronto-will-hold-2-fireworks-displays-on-the-waterfront-to-ring-in-the-new-year-heres-where-to-watch/fireworks.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 53c67f888e77494785ed5083c2781b761509f173df12001d96ac19c3f2fca600

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:35:09 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 129015
etag: "c5ff45e3b2401152c113c516be50f8b01dce4e09"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 30680
x-amz-cf-id: 8Ow9gZrgAJWWH7BztLdNB42u8daWZmoVqqYYnEwcDkFyuUVcPhl5Ug==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20221214181224-639a5bb6821cf083b82c7cd6jpeg.jpg
images.thestar.com/qhOO9qQtW8rRChfQQdYyIcOLOKw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/soccer/2022/12/14/morocco-makes-another-world-cup-statement-des... 30 KB
31 KB 204ms
105ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/qhOO9qQtW8rRChfQQdYyIcOLOKw=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/soccer/2022/12/14/morocco-makes-another-world-cup-statement-despite-loss/20221214181224-639a5bb6821cf083b82c7cd6jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f2ad5c205412991050da84a5578609acd2bcc88bfdbe94ff1ce5c9e3891e611a

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:40:42 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 38682
etag: "7be14914accb15e3a11346241690d89507e40ba1"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 30954
x-amz-cf-id: S74fH44V2bMniF6v4YI9woZORXHaaxcsckRu8wAEUqQIwUYyR6EmHA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 20221214171228-639a4e43821cf083b82c784ajpeg.jpg
images.thestar.com/d3uVvU0-EGqwnm2I5gI8w5UcquA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/soccer/2022/12/14/griezmann-gives-his-all-france-advances-to-wo... 54 KB
55 KB 200ms
105ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/d3uVvU0-EGqwnm2I5gI8w5UcquA=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/sports/soccer/2022/12/14/griezmann-gives-his-all-france-advances-to-world-cup-final/20221214171228-639a4e43821cf083b82c784ajpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 822abd0014493280715e641732fd9ef1543ebf20fc6a7e413c3c36cda099cbd8

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:34:30 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 39054
etag: "e3094a7e74d863ad51c405461ae065a7fd81012b"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 55692
x-amz-cf-id: wp0Kovm-ZNlgOw2TW315wl6f1dqDgBZsq9rQyq4EW__z5z-hK0r3jA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2022121317120-3be76c0a0b4890bc2f5acae6192f3e8eda1a918d7c73c85aed489cfeba027b95.jpg
images.thestar.com/VK1MRT-CRzgUCasZrtk60w-wy3I=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/15/the-self-driving-era-is-here-the-question-is-what-... 19 KB
20 KB 279ms
186ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/VK1MRT-CRzgUCasZrtk60w-wy3I=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/15/the-self-driving-era-is-here-the-question-is-what-comes-next/2022121317120-3be76c0a0b4890bc2f5acae6192f3e8eda1a918d7c73c85aed489cfeba027b95.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1f03b977a279b351799152fb2af429b68a82b3b08d2be2fe56eb855e9e5f6e44

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:30:46 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 3278
etag: "81404687ffe41b2fcf75ed5dc654fdb9d5ed9d17"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 19656
x-amz-cf-id: Gq8H_wPfez3S_a_MufNMb9NXZo_OPWownPuoWTvU3W5r19frYCFt-w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 pxid Show response
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/ 46 B
394 B 177ms
65ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/v2.0/pxid?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 89203a48409767e8e5eb40c9ae27fd6430b858aa76dc419a4fc203cced57960f

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
703 B 221ms
101ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:25 GMT
AN-X-Request-Uuid: 4defbdd1-ba6f-48ae-b7b1-5b9f82e81736
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.thestar.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.147.213.67; 185.147.213.67; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 239 B
365 B 164ms
66ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 32473a7fb0fb429b551fc40f0ba4db493f429ea10f003003df856fbfc83ee1db

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:24 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 171

GET
H2 200 css2
fonts.googleapis.com/ Frame F5C0 4 KB
1 KB 189ms
67ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Requested by

Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:38:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 10:25:25 GMT

GET
H2 200 d3v4.min.js Show response
misc.thestar.com/interactivegraphic/libraries/ Frame F5C0 207 KB
69 KB 679ms
677ms Script
application/javascript 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://misc.thestar.com/interactivegraphic/libraries/d3v4.min.js
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 8d07edb8bf98788bf512d51f8cc554f6.cloudfront.net (CloudFront)
date: Thu, 15 Dec 2022 10:25:26 GMT
last-modified: Wed, 10 Aug 2016 20:14:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
etag: W/"f332c3bb6d8a840f320b33fbb3d53a5b"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: EtTQihz6y2GvdcCRcvlC5WuboqgNAHOXuKaRvAOKDghsjOvewy0Ktw==

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame F5C0 1 MB
79 KB 1664ms
712ms Script
application/javascript 13.107.219.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=ed270bb8-340b-41f9-a7c6-e8ef587e6d11&offset=17&limit=10000&callback=getData1
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 6496f4f87d0be72e6e6c054818198865c20fc41899cc558b533c294fc8288dca

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0FfaaYwAAAADXm5C7AZl1S4MtJ9OpDr9ST1NMMjMxMDUwMjA1MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Thu, 15 Dec 2022 10:55:26 GMT

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame F5C0 1 MB
87 KB 1622ms
670ms Script
application/javascript 13.107.219.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=e760480e-1f95-4634-a923-98161cfb02fa&limit=10000&callback=getHospitalData
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b1cd43cb109808b125fb2a3cd2cc7c15ab7a4887b4ad721163944673be6f8621

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0FfaaYwAAAADDw6ds9UFJRohh5DMMZOzdT1NMMjMxMDUwMjA1MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Thu, 15 Dec 2022 10:55:26 GMT

GET
H2 200 datastore_search Show response
data.ontario.ca/api/3/action/ Frame F5C0 313 KB
31 KB 1662ms
711ms Script
application/javascript 13.107.219.45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ontario.ca/api/3/action/datastore_search?resource_id=8a89caa9-511c-4568-af89-7f2174b4378c&limit=10000&callback=getData2
Requested by: Host: misc.thestar.com
URL: https://misc.thestar.com/interactivegraphic/2020/coronavirus-dashboard/homepage-banner/hp-widget-2022.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.219.45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 36d6da6bddbe0683a9ee934c99439cb7423dc1ef960162e6026fcd2dd504087f

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://misc.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: gzip
x-cache-status: HIT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0FfaaYwAAAADd4kwkNOxNRpfSl//I6UHmT1NMMjMxMDUwMjA1MDIzADU1NmY5ZGE3LTc3OGQtNGUwZi1iZmEyLTBkNDM1ZDljZTNjNw==
cache-control: max-age=1800
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, X-Requested-With, X-Authorization
expires: Thu, 15 Dec 2022 10:55:26 GMT

GET
BLOB 200
OK e96d1dd5-5962-4dee-ad1a-524915c9ac30
https://www.thestar.com/ 193 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/e96d1dd5-5962-4dee-ad1a-524915c9ac30
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 197465

GET
BLOB 200
OK d004d033-6bce-4b7e-85c1-15b4bb4ea294
https://www.thestar.com/ 20 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.thestar.com/d004d033-6bce-4b7e-85c1-15b4bb4ea294
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length: 20393

GET
H3 200 pubads_impl_2022120801.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 166ms
55ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 17:29:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579344
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132306
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 09:38:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 08 Dec 2023 17:29:41 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 203 B
136 B 203ms
90ms XHR
application/json 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Thu, 15 Dec 2022 10:25:25 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaki...
https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Break...

0
189 B

60ms
59ms

Image
text/plain

99.86.4.32
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Server: 99.86.4.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-32.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Fy6k7uk7U57jLH6s1G2DkGCWW856qkWP0BZqPVOPvWUDakbPFFl7LQ==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=3005674&cs_it=b3&cv=3.8.0.210223&ns__t=1671099925065&ns_c=UTF-8&c7=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&c8=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&c9=
date: Thu, 15 Dec 2022 10:25:25 GMT
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f22.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: 2oPufkCSJ9FihIYotonl_95g72jenBrOvS6r-MS107QMxP9MQZGEfA==
x-cache: Miss from cloudfront

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 182ms
60ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=6094ee53

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

0d448d7168293ecccaa0ec580dc913e5fa873c7e4c36bf86b4206da01d873f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27667
x-xss-protection: 0
server: sffe
etag: "1422 / 361 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 15 Dec 2022 10:25:25 GMT

GET
H2 200 breakingnews Show response
www.thestar.com/api/alerts/ 19 B
425 B 248ms
245ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/breakingnews

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"13-dtK7HFxXRJGTWdPpmheUxDbkx20"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: 8XmJHdKPHycBja-UFK6_Ux8okNh_0NjXwsBQCeWRGXsJj3YqFqUK4w==

GET
H2 200 updates Show response
www.thestar.com/api/alerts/ 19 B
424 B 278ms
276ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/alerts/updates

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:25 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"13-Ke/+pN/k0l2LXDxWablmwTVvPYs"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 19
x-amz-cf-id: Y23xq1E9DdcQ77EZj__M-e6CRa4qP977E_Nja7n1wnwPF80LGRrPtg==

GET
H/1.1 200
OK widgetloader Show response
widgets.media.sportradar.com/torontostar/ 310 KB
68 KB 746ms
523ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/widgetloader

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.js?v=6094ee53

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

ae315c29ae334453a9fe482d663ae85d33ae515ee3b8ed460f799ba085060a51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
ETag: "62baf6858c9c1cb8abef255c8a78f947-aff3afb9a8c3c6f6a1c92b9e53de126e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=120, stale-while-revalidate=60, immutable
Connection: keep-alive, Transfer-Encoding

GET
DATA 200
OK truncated
/ 10 KB
10 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77d626a876c1a69194fefaf80ac4c784e8fe03ea9810cd6b0ba486032cdec3d5

Request headers

Referer
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 56ms
56ms Other
image/svg+xml 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:58:49 GMT

GET
H3

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame EA19
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=464194&publicationId=thestar.com
https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

25 KB
8 KB

86ms
85ms

Document
text/html

172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

4c9d535e4ba18aadcc6008e17f8447248d04dd3f173f5dc30d1d663ca8a8a71d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Bo5hAFQ2eBKj6lzZKuw_YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Bo5hAFQ2eBKj6lzZKuw_YQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Thu, 15 Dec 2022 10:25:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: script-src 'report-sample' 'nonce-uM7mKerQGoTN3VymwxGYqA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-type: application/binary
cross-origin-resource-policy: same-site
date: Thu, 15 Dec 2022 10:25:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 20221214151256-639a38943f42eaed209ecbb0jpeg.jpg
images.thestar.com/KKoPuV-mgqgxRdm5T64LO-6EXUs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/middleeast/2022/12/14/mbappe-france-advance-to-world-cup-fi... 87 KB
87 KB 54ms
52ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/KKoPuV-mgqgxRdm5T64LO-6EXUs=/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/world/middleeast/2022/12/14/mbappe-france-advance-to-world-cup-final-beat-morocco-2-0/20221214151256-639a38943f42eaed209ecbb0jpeg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3fbf84bed1ec3d2165803012e121eb38c4c380d476a795850dff51fe95989187

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:20:09 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 43517
etag: "4833d9f059850e854aadff8e07df0791b230bb44"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 88654
x-amz-cf-id: P8LVCsmPrFt_4yesbVW9r67vyqhpBOqV1EhGbq7wHM2wFzgWzqFvLQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 387 B
1 KB 274ms
65ms XHR
application/json 3.248.100.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&d_nsid=0&ts=1671099926111

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.248.100.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-100-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

c722a3cabb9ccaf939d3168401d5589617bc88fd2e359cabbe16df6752bf9901

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-0e1f48b6d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Hro6Rr3NQ4E=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.thestar.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 325
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 34 KB
12 KB 58ms
57ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:39 GMT
x-amz-version-id: eMLTBgxUmf7BQJj3fslrpLo3lRQP0Haw
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"dfdd9e1f988805f0c2fbb10cd6b8f034"
age: 3168
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: rjGmBbsam6rvVOOdNC9LAhj6KhQ9mzqrXC6WusYQzymIQKjMUn9y2g==

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/ 3 KB
2 KB 53ms
53ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:39 GMT
x-amz-version-id: Hg_M6hBFqt65sfp4Ax2o4qnVFLUBjYTR
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"b89fcb8870ac40eecb6d3cc844d35389"
age: 3168
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: bxREZgO-oJ6PaL70q0N6gGjj7m_rOduK6Iny-NAjtFg9Q7X_A09HwA==

GET
H/1.1 200
OK services Show response
sr.studiostack.com/v3/ 26 KB
26 KB 192ms
58ms Script
application/x-javascript 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/v3/services
Requested by: Host: adserver.pressboard.ca
URL: https://adserver.pressboard.ca/v3/embedder?media=130507
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 60f49cf33a1dda83996fc7b213280f2fdf40af97bc73f0074ddc9dff83b2754b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:26 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 26227
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
88 B 128ms
69ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: cca1dee436baf2725df3fbc3ae66edd667aff987e33552c9f99e29be42df910c

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70

GET
H2 200 p.js Show response
cdn.parsely.com/keys/thestar.com/ 73 KB
26 KB 194ms
53ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/thestar.com/p.js
Requested by: Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 11:14:31 GMT
content-encoding: gzip
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified: Fri, 24 Jun 2022 01:41:35 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
age: 83738
etag: W/"62b5164f-12236"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: BWoNE52uICzbbAgXb8mgFQqVKz6yuxkBOLqsOuQwFDIDl5mPliu1vg==
expires: Thu, 15 Dec 2022 11:09:48 GMT

GET
H3 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/thestar.com/ 2 B
59 B 127ms
119ms Fetch
application/json 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/thestar.com/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin; report-to="SubscribewithgoogleClientHttp"
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
report-to: {"group":"SubscribewithgoogleClientHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientHttp/external"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 12 KB
4 KB 468ms
392ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 14e860c59261c99ef9465777acb1d0f741f45218117cd0ba6d40f078c37c6976

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 6 KB
2 KB 394ms
325ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 2f1bd6bd1de6aa1df427a46eb9ce5fbe77d40520860879493f77e19f33329213

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 10 KB
3 KB 415ms
354ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 4aac21be10afdbda7f8473604eb829b85a32cc3a383ec81816eb868a953e1d11

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 11 KB
3 KB 444ms
386ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: b3b6d99d4c0ac0e30d8402972a98944c57dba4f5bc2f039066692b0648d32ecd

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 11 KB
3 KB 419ms
369ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 17659bedbfb7966dada8d149a4adac6bef774310be0a08ba1060b82033785281

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 5 KB
2 KB 426ms
379ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: c0204c308d2690913aae8d675cb5c7fe85ca7a4de2aa3a7bf515085bc6ee1a23

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 12 KB
4 KB 376ms
349ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: d84561c6e096fe5878858961ac473a3225075b9836c67b856713a418408375a0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
175 B 305ms
240ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=pageview&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=4303&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=26&jsfv=nbc&ts=1671099926269&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
55ms Script
text/javascript 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 09:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3649
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 15 Dec 2022 11:24:37 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals
https://unpkg.com/web-vitals@3.1.0
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

7 KB
3 KB

43ms
39ms

Script
application/javascript

104.16.125.175
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

104.16.125.175 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2538101
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHZ0HVFWZ3KFXGQR57MA639P-ams
server: cloudflare
etag: W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 779e79ad2d0398f7-ARN

Redirect headers

date: Thu, 15 Dec 2022 10:25:26 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GHZ10F7ZSKRTGDP18ESCN4R7-ams
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2537622
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control: public, max-age=31536000
cf-ray: 779e79acac4698f7-ARN

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
76 KB 194ms
84ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

fa943566c14f4abb8d797044fb848c174e41022bb78e065d52d55bb60d85c501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77388
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 182ms
73ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

f93b6e722398da13c2fbffc2218c6a46107ddb5e7be9030f9bd4a7e2cd481bea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77791
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:26 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 126 KB
22 KB 536ms
534ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/1009?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=&overruleReferrer=&time=2022-12-15T10%3A25%3A26%2B00%3A00&ts=1671099926351

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

9090355b6e372917709cd2e3bb7a6eb42438640afb5464ab6c5b7dfd1e3e569f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 21111
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 7CMeBaA6xMN187PKcTf5gfaw95dihU_bnpbKlPz3gSompxdV5-MRIQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame EA19 0
25 B 114ms
110ms Other
text/html 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-CmYc5ujz9H30oJZMHBgpRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-CmYc5ujz9H30oJZMHBgpRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame EA19 21 KB
6 KB 56ms
55ms Stylesheet
text/css 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

sffe /

Resource Hash

c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:02:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6458
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 19:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:52:41 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABX... Frame EA19 178 KB
63 KB 365ms
53ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:06:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64157
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 03:53:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:06:43 GMT

POST
H2 200 model Show response
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 6 KB
2 KB 326ms
326ms XHR
application/json 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/model
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: b9dd3c1ec4b94f2ccb1af99101eb80c77290be7eec12e07e1dcb1b138781c23a

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
309 B 53ms
52ms XHR
text/plain 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=5028&u=https%3A%2F%2Fwww.thestar.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 06:32:02 GMT
via: 1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 14003
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.thestar.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: xr4tFBVHp6f5iVqk8t5iKuIDg23LHsE-Pt3DSjt9L-h7jzuEi6KLeg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 161ms
55ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 fd3cce3e0bafd8b312277d0ad9f4762e.cloudfront.net (CloudFront)
date: Thu, 15 Dec 2022 02:33:00 GMT
x-amz-cf-pop: FRA56-C2
age: 28546
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: egKszBvdEGj2STImeToVrrYuTNgNXNvFp_J8Php5PiFpZM2bR9QV1Q==

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v12/ Frame F5C0 37 KB
37 KB 325ms
69ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v12/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://misc.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 16:54:37 GMT
x-content-type-options: nosniff
age: 235849
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37924
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 16:54:37 GMT

GET
H/1.1 200
OK dest5.html Show response
torontostarnewspaperslimited.demdex.net/ Frame 67E4 7 KB
3 KB 372ms
67ms Document
text/html 34.247.240.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://torontostarnewspaperslimited.demdex.net/dest5.html?d_nsid=0

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.247.240.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-247-240-197.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: WsUuJVDYRw8=
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:26 GMT
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
vary: accept-encoding

GET
H2 200 id Show response
s.thestar.com/ 48 B
458 B 293ms
59ms XHR
application/x-javascript 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=19A568F454F72DAF0A4C98A6%40AdobeOrg&mid=45260495460690880700815615972614243332&ts=1671099926459

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

5ac3beb9a5f19dec42378f034dac37d91551f3d83aa5de5157d9c35995c1a54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.thestar.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y5r2FgAAANq8cwOJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=45223963162903381240818708520509627918
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5r2FgAAANq8cwOJ

42 B
942 B

68ms
66ms

Image
image/gif

3.248.100.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5r2FgAAANq8cwOJ

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

HTTP/1.1

Server

3.248.100.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-248-100-224.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-03da2f349.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Bis9QoRoSQU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y5r2FgAAANq8cwOJ
Date: Thu, 15 Dec 2022 10:25:26 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 69ms
65ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:26 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 176ms
61ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:26 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK attention-data Show response
sr.studiostack.com/track/ 121 B
608 B 495ms
382ms XHR
application/json 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-data?media=130507&ref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 3c40eb2445be3674ee28b2a819223dad84309b9b096e57a6ed7601aad8e6df95

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:26 GMT
ETag: W/"79-PcKqYROAiDOlzT5Q7IhVhn2WmG0"
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 121
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H/1.1 200
OK chunk.89041.5ed90db3.js Show response
widgets.media.sportradar.com/assets/js/ 135 KB
40 KB 63ms
63ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.89041.5ed90db3.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

732d62721e90f0b16bca7a3a43b89eb3a801fbd892c75be871b3b193b93d0972

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Thu, 01 Dec 2022 14:26:42 GMT
X-Served-At: Thu, 01 Dec 2022 15:32:25 GMT
ETag: "caef73806e7bc3e502aa45b6115c0fa7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40265
Expires: Sun, 01 Jan 2023 15:32:25 GMT

GET
H/1.1 200
OK chunk.57420.91b9c02d.js Show response
widgets.media.sportradar.com/assets/js/ 331 KB
88 KB 163ms
56ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.57420.91b9c02d.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

f5d9b4d95a45cf4213f20157c8225a1bde6a0f0aa14c67f8c0137955626ee764

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:35:15 GMT
X-Served-At: Fri, 09 Dec 2022 10:23:59 GMT
ETag: "05d8fde4fa7617283dcdfa73354a4a0b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89297
Expires: Mon, 09 Jan 2023 10:23:59 GMT

GET
H/1.1 200
OK chunk.74425.368dcc59.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
5 KB 199ms
56ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.74425.368dcc59.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

6b81817498af5e4b6a374d4fafa0f2f42fd8b8fc81ed36444ce73c273e1a568c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "1ea0a42a37196f04cd87dd145865e063"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4698
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.75472.9f323d36.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
9 KB 217ms
53ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.75472.9f323d36.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

d6ac5b7edae70706983d79b731280c35fd2a9f08269871f792a415325a035217

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
X-Served-At: Thu, 01 Dec 2022 10:27:58 GMT
ETag: "35c6a952713d69a8ad5d6cb7bcfb1dfe"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 8279
Expires: Sun, 01 Jan 2023 10:27:58 GMT

GET
H/1.1 200
OK chunk.58047.b79c9d96.js Show response
widgets.media.sportradar.com/assets/js/ 10 KB
4 KB 238ms
58ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.58047.b79c9d96.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

4542b9d8c313c5e4232bc17332661fe489a19378e2d3c69ae4579dec0a314ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "6783f18f79854727c4f2a1fb91439eea"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3644
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.87159.e7b55924.js Show response
widgets.media.sportradar.com/assets/js/ 110 KB
30 KB 250ms
69ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.87159.e7b55924.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

5954ef8a3e4b8d537942fa60b6449e7220636a6adf07a728e54287d2a0039223

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:35:15 GMT
X-Served-At: Wed, 14 Dec 2022 17:03:36 GMT
ETag: "fe117aa4859e41ca1ae574dcbe3477e3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29959
Expires: Sat, 14 Jan 2023 17:03:36 GMT

GET
H/1.1 200
OK chunk.872.d9c0bff2.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
6 KB 61ms
55ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.872.d9c0bff2.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Tue, 11 Oct 2022 07:39:10 GMT
X-Served-At: Tue, 11 Oct 2022 08:19:21 GMT
ETag: "2e33f72f6efa38ea0852e0d2951de36a"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5766
Expires: Fri, 11 Nov 2022 08:19:21 GMT

GET
H/1.1 200
OK chunk.88139.274c7355.css
widgets.media.sportradar.com/assets/css/ 20 KB
4 KB 127ms
57ms Stylesheet
text/css 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.88139.274c7355.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:35:15 GMT
X-Served-At: Mon, 12 Dec 2022 04:41:18 GMT
ETag: "c49787c1d88ae88587d40d3a2128e530"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3803
Expires: Thu, 12 Jan 2023 04:41:18 GMT

GET
H/1.1 200
OK chunk.88139.9c339725.js Show response
widgets.media.sportradar.com/assets/js/ 22 KB
7 KB 57ms
55ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.88139.9c339725.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

3c39f4c344a99cc3c2e218636a25c69d4e917468ac61cd6e6c184ea76a23d8f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Thu, 10 Nov 2022 20:20:57 GMT
X-Served-At: Fri, 11 Nov 2022 18:13:28 GMT
ETag: "4658eee137f010be1fca4b0c996feec1"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6586
Expires: Mon, 12 Dec 2022 18:13:28 GMT

GET
H/1.1 200
OK chunk.56615.7b1f69fe.js Show response
widgets.media.sportradar.com/assets/js/ 23 KB
7 KB 60ms
60ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.56615.7b1f69fe.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:35:15 GMT
X-Served-At: Wed, 14 Dec 2022 17:01:03 GMT
ETag: "17d28dd8a0d379cf3bf8a0fde19671e3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7004
Expires: Sat, 14 Jan 2023 17:01:03 GMT

GET
H/1.1 200
OK chunk.36369.212664df.js Show response
widgets.media.sportradar.com/assets/js/ 12 KB
4 KB 56ms
54ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.36369.212664df.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
X-Served-At: Thu, 01 Dec 2022 10:27:58 GMT
ETag: "d732fcd8139e215ea39b473933d09bdc"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 3139
Expires: Sun, 01 Jan 2023 10:27:58 GMT

GET
H/1.1 200
OK chunk.99585.af844e79.js Show response
widgets.media.sportradar.com/assets/js/ 14 KB
6 KB 67ms
63ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.99585.af844e79.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

4d745e8b5de29c794d781c7dde118aa34cc84377b9d6218fd6368895b97d7a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "d6063eeaacaed78f1641ee5f5a912ee4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5103
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.73555.77a50cf7.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
4 KB 55ms
53ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.73555.77a50cf7.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

d5216fe5bc0a5dc5bcb78d6be4d0d95d678bbf43d56dff9f14d45b7522135d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
X-Served-At: Thu, 01 Dec 2022 10:27:58 GMT
ETag: "d45e4baf699c0bb136cb9f88d113bccd"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 3854
Expires: Sun, 01 Jan 2023 10:27:58 GMT

GET
H/1.1 200
OK chunk.5871.33f7222c.js Show response
widgets.media.sportradar.com/assets/js/ 8 KB
3 KB 59ms
57ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.5871.33f7222c.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "7fec7d978e30bc583c1a19f722210edb"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2970
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.69233.ab27f24d.js Show response
widgets.media.sportradar.com/assets/js/ 29 KB
8 KB 61ms
60ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.69233.ab27f24d.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

2d544d485ac09ba55e1dd3c97c7160a071fb7ff8e7c46266b1b39c7b0097d437

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
X-Served-At: Thu, 01 Dec 2022 10:27:58 GMT
ETag: "04f338330807326e6a8c16143df2d309"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 8163
Expires: Sun, 01 Jan 2023 10:27:58 GMT

GET
H/1.1 200
OK chunk.59886.5826fb7e.js Show response
widgets.media.sportradar.com/assets/js/ 45 KB
12 KB 121ms
87ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.59886.5826fb7e.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

dc46445dba809944b9cdb588cc0788e7228f40850ff3dd810ebb79113a05f2c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Wed, 07 Dec 2022 13:16:09 GMT
X-Served-At: Wed, 07 Dec 2022 16:23:15 GMT
ETag: "1a86c44b36a8a0e56ffc1266d5b7272b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12047
Expires: Sat, 07 Jan 2023 16:23:15 GMT

GET
H/1.1 200
OK chunk.70689.783e84f4.js Show response
widgets.media.sportradar.com/assets/js/ 13 KB
4 KB 96ms
78ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.70689.783e84f4.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Thu, 01 Dec 2022 14:26:42 GMT
X-Served-At: Thu, 01 Dec 2022 15:32:26 GMT
ETag: "547e83aea16d9f6505d68c813bdf23d9"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3272
Expires: Sun, 01 Jan 2023 15:32:26 GMT

GET
H/1.1 200
OK chunk.83679.e2b47f10.js Show response
widgets.media.sportradar.com/assets/js/ 27 KB
7 KB 94ms
75ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.83679.e2b47f10.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "ef4b2e812247d35ae451639597ae1800"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6245
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.84814.94151ddb.js Show response
widgets.media.sportradar.com/assets/js/ 17 KB
6 KB 94ms
75ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.84814.94151ddb.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

fbf4b1f343969be452f7a19969ae28e30fb62f6e65078054eced997d36e7a1fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Fri, 02 Dec 2022 11:32:46 GMT
X-Served-At: Fri, 02 Dec 2022 12:03:43 GMT
ETag: "a07ae0c4a3b3bf30a2fd24b6d3750f4c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5484
Expires: Mon, 02 Jan 2023 12:03:43 GMT

GET
H/1.1 200
OK chunk.95874.4fb5d507.js Show response
widgets.media.sportradar.com/assets/js/ 24 KB
8 KB 87ms
84ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.95874.4fb5d507.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

b5b2a6aabb0cdfa4bf76e8876600a3ed400d20382af69dd4f02d1d8b39f8e987

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Fri, 02 Dec 2022 14:41:19 GMT
X-Served-At: Tue, 06 Dec 2022 03:41:27 GMT
ETag: "dcddfab1441e0fe9f681d17585b1be9f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8128
Expires: Fri, 06 Jan 2023 03:41:27 GMT

GET
H/1.1 200
OK chunk.94135.4d403a5f.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
5 KB 75ms
74ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.94135.4d403a5f.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

0f10f306800688e4f0063512ff6fb92ce005233bbc9a2cc7503a1f61796fbeca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Fri, 09 Dec 2022 09:35:15 GMT
X-Served-At: Sat, 10 Dec 2022 14:23:21 GMT
ETag: "c11578cebd2da4f5302f106e7e2a68a3"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4093
Expires: Tue, 10 Jan 2023 14:23:21 GMT

GET
H/1.1 200
OK chunk.85559.8489672a.js Show response
widgets.media.sportradar.com/assets/js/ 11 KB
5 KB 73ms
72ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.85559.8489672a.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

e53a1375f8d36007187704ee2cdf6c752c3f8df8d5f4d8664e047d240b246ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
X-Served-At: Thu, 01 Dec 2022 10:27:58 GMT
ETag: "c9ef8d83f1c09169977d6959d7058d55"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 4217
Expires: Sun, 01 Jan 2023 10:27:58 GMT

GET
H/1.1 200
OK chunk.us.common.scoreTicker.ea714b5a.css
widgets.media.sportradar.com/assets/css/ 38 KB
5 KB 141ms
55ms Stylesheet
text/css 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/css/chunk.us.common.scoreTicker.ea714b5a.css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 02 Dec 2022 11:32:46 GMT
X-Served-At: Fri, 02 Dec 2022 12:03:43 GMT
ETag: "9faab841da6c8622e5f390f8e3004a3e"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4569
Expires: Mon, 02 Jan 2023 12:03:43 GMT

GET
H/1.1 200
OK chunk.us.common.scoreTicker.3fc6af0b.js Show response
widgets.media.sportradar.com/assets/js/ 171 KB
44 KB 90ms
89ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.us.common.scoreTicker.3fc6af0b.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

b070538b2ac9b7389b490be8d96aaa9d188e59dd330e174b01a52edce49eef8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Wed, 07 Dec 2022 13:16:09 GMT
X-Served-At: Wed, 07 Dec 2022 16:23:15 GMT
ETag: "d427bf92beb34eeae2fc116668ca0262"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44877
Expires: Sat, 07 Jan 2023 16:23:15 GMT

GET
H/1.1 200
OK chunk.react.0ddc5c6a.js Show response
widgets.media.sportradar.com/assets/js/ 129 KB
42 KB 133ms
113ms Script
application/javascript 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/assets/js/chunk.react.0ddc5c6a.js

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Tue, 08 Nov 2022 21:22:59 GMT
X-Served-At: Wed, 09 Nov 2022 13:57:50 GMT
ETag: "c7bdd38c3252c749e884e2d30a454945"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=2678400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42582
Expires: Sat, 10 Dec 2022 13:57:50 GMT

GET
H/1.1 200
OK en_us.json Show response
widgets.media.sportradar.com/translations/ 107 KB
26 KB 227ms
59ms XHR
application/json 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/translations/en_us.json?v=1670578147557&h=0a85e093fc3d495c20cfc910a8752d45

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

d1a5cef928708ca7a4eb8105f983d486bc533af56addcb258a975e43f97ce84f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:26 GMT
Last-Modified: Fri, 09 Dec 2022 09:29:07 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=5270400, stale-while-revalidate=604800, immutable
Connection: keep-alive
Content-Length: 26061

GET
H/1.1 200
OK css Show response
widgets.media.sportradar.com/torontostar/ 37 KB
5 KB 634ms
467ms XHR
text/css 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/css

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
Last-Modified: Fri, 09 Dec 2022 09:29:20 GMT
Vary: Accept-Encoding
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=30, stale-while-revalidate=60, immutable
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4246

GET
H/1.1 200
OK licensing Show response
widgets.media.sportradar.com/torontostar/ 12 KB
10 KB 633ms
465ms XHR
text/plain 95.101.111.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.sportradar.com/torontostar/licensing

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-162.deploy.static.akamaitechnologies.com

Software

Resource Hash

645f956c61a6a68de775ede8b175aa3d2ceb73f36a2967c4b033dddc1e8b918c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Strict-Transport-Security: max-age=15724800; includeSubDomains
Content-Encoding: gzip
Date: Thu, 15 Dec 2022 10:25:27 GMT
ETag: "8606f85c1665e86e1fe8930dc0c35bac"
Vary: Accept-Encoding
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=200, stale-while-revalidate=60, immutable
Connection: keep-alive
Content-Length: 9492

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame EA19 15 KB
16 KB 156ms
57ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=464194&publicationId=thestar.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 513021
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 11:55:05 GMT

POST
H2 200 auction Show response
elb.the-ozone-project.com/openrtb2/ 177 B
387 B 558ms
390ms XHR
application/json 63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/openrtb2/auction
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ee4618bb5e5f9053b11f150eea7c38675e18c31753662b55a5cf212818241763

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:27 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 177
expires: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 182ms
69ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2015298163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=558589789&gjid=846376918&cid=992549094.1671099927&tid=UA-70431129-1&_gid=2030380028.1671099927&_r=1&gtm=2wgbu0P86MZHL&cd9=web&cd14=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&z=187983157

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 163ms
69ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=2015298163&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABAAAAAC~&jid=21730728&gjid=983317907&cid=992549094.1671099927&tid=UA-73335503-3&_gid=2030380028.1671099927&_r=1&gtm=2wgbu0P86MZHL&z=649612757

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
2 KB 238ms
238ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d53aa53a8ec2a5561ad19b4955ebb5dd5130fddc5b07bd01f18cba337525559e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"157f-0T62ewVJZNrzHmLEfIOlu487IEo"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: xFQMNV1KbArq8FU62q9KUjoaII2oFISGvubarzIRjwjKOWBboVQ0zQ==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 112ms
40ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B4CQN4KW3R&gtm=2oebu0&_p=2015298163&_gaz=1&cid=992549094.1671099927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671099926&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Asset_Alias=&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
54 B 173ms
54ms Ping
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B4CQN4KW3R&cid=992549094.1671099927&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B4CQN4KW3R&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
107 B 221ms
70ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B4CQN4KW3R&cid=992549094.1671099927&gtm=2oebu0&aip=1&z=33993778

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
347 B 78ms
38ms Ping
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-6FZFMVVWVN&gtm=2oebu0&_p=2015298163&_gaz=1&cid=992549094.1671099927&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671099926&sct=1&seg=0&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&en=page_view&_fv=1&_ss=1&ep.Page_Type=home&ep.Site_Type=core%20site&ep.Breakpoint=desktop&ep.Orientation=landscape&ep.Asset_Alias=&ep.Source=web&ep.User_Agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F108.0.5359.124%20Safari%2F537.36&up.Torstar_User_ID=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
347 B 140ms
54ms Ping
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-6FZFMVVWVN&cid=992549094.1671099927&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6FZFMVVWVN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.5.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 187ms
68ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6FZFMVVWVN&cid=992549094.1671099927&gtm=2oebu0&aip=1&z=1468394703

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 10 KB
2 KB 245ms
238ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9a133709eff0bc969381e6f44dc7d3721fe37023458b53ee5641d1bc6f13a266

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2664-2ZwZ1LtfEJRtvRd9Wn3yZF4MCLs"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: 5GgzbllruA5OSJgtAbTjiFhNLg71Cfk4PN1H2eaoavRe13maoH640Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
2 KB 249ms
243ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

737e463b95210264b08e788a164f94545cedc5ff227ffd36d29b0643bf1e7bce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1c14-iP60PBzStBsqoUXhmrRGznZpHxA"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: gl1pRbNIIoxHDx1yeFsKa0zBDufBFm8dNaAv7YgmlmACNH5Nc1bo9A==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 245ms
241ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

360b38b1a37784f2d81d3a4aeb32c828c0b45dfe91f65b1c74a617eba261ff49

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1112-TBruBhGCJhghi2mXlNjOxSTV/Lk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: D-FvZECCsZIYFqLNC7mzOxi1Ic4l8xtJqO967cEdyWyQ8zRffISPMQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
2 KB 246ms
244ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

761f3f860ab5eba9b6f05d233d99c8bade27165e8006dffda9429ce6de20c407

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:26 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2138-CaByNckrDm/asXdw4PjhQDSnkUk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: VVPuFVKhIZ3rYbAOg4vCVRTrdGOSIDdUcZ9a6xQEC5jkL6rPShtl-w==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
1 KB 289ms
289ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

1a8329c3a789347a61f27af4afb47bddea014db4b98b4f6161d0433cabe226a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"10ae-yTZkOwSB3PPMiOsfd80qnA6z3BU"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: FwrcdPTtGge42lCalkl22vmgm1A0Ho0oKl-nl-J2MZfHlc0KzmJoyQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
2 KB 291ms
291ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6695e4c6e9da48a120eeda0104875738d04769eb7032493aefa38c8545367c35

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"22e1-ZCZ/9j9CNdgg8gdSr+mwjdolEQ4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: JNGWGQCJeQoevPl8fmsWoKCljUJsdyCb2ZlHaU2U4YdQtYx1KDyLUQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
2 KB 299ms
298ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

04293c933dfb611c4b07c2fe6e8d51cc0a89e87d01e069f4516267e137a5024e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"239a-fDerFWPKYnu0cYlS8HdcKFtqtdk"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: x98REetukmeIsBc8sOsJ9VbKih4jQWhlwerJ7ocYb0hsjwndjlGVPw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
148 B 68ms
51ms XHR
text/plain 142.251.5.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-70431129-1&cid=992549094.1671099927&jid=558589789&gjid=846376918&_gid=2030380028.1671099927&_u=YEBAAAAAAAAAAC~&z=549315687

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.5.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wg-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 15 Dec 2022 10:25:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame EA19 133 KB
45 KB 242ms
88ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/am=OgwAEA/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI6KcHa0b7Sf_viU5Xrn9kyIJUl92Q/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45910
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:17:28 GMT

GET
H2 200 26306de9dd7211366ce9d6420871f067 Show response
n511.thestar.com/plugin/plugin/ 212 KB
47 KB 205ms
77ms Script
text/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugin/plugin/26306de9dd7211366ce9d6420871f067

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

4cd5158b8032b8bc89110a709e1f5ed949f5eda60ecf7d164c7d05acf2eefb4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 01:16:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 32957
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 47944
x-xss-protection: 1; mode=block
last-modified: Wed, 14 Dec 2022 01:16:10 GMT
server: -
etag: 26306de9dd7211366ce9d6420871f067
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: vDnJA2Gx07KRi1EN37d1aQrlsk0S2jJq4YXENB5OOM9B9diPlwvYMg==
expires: Fri, 15 Dec 2023 01:16:10 GMT

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
5 KB 392ms
297ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

d4308d192449ab713fa9a883112c92a79a9678e4c9953eec851c3ce893119386

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"13db-56fzo4B0L2y5D8eeGixnATR0so0"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5083
x-amz-cf-id: N9DOTJH47CBfzls6fjsE535wQrWHWj1jIAu7-jVEMWSNe5yCqaj1ZQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 9 KB
9 KB 313ms
288ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

245c651d9f27e8e9cee5fde8917a34731cb9aa5ffda2cac731370b3fb9de7d50

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2386-25yfGGxJnSHMjnZgqNsvQYIa82Q"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 9094
x-amz-cf-id: ACYkNGGkzQEjkyAKonT6iFo_06SvtrNFkjr3zV-qMo4OPYK--61Fyw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 292ms
277ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4184cca79f5bf9f2307db11b9ea1db6542f8af3bbe4947300720c742e935f73b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"fd7-jiwts8Y6AaEUzTUVHHRSyvhAr+4"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 4055
x-amz-cf-id: dTv-b4-WuQ75uSHR7JWXm4Z6hve6smj0LMyJ24tPweUR5YR04ldCJw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 7 KB
7 KB 283ms
276ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a11bd248810cdf7bff6c46dd6d4619e639fa3ebf9e2cb2c39fd1169417308043

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1a09-j0hB4YwhOlHa445EteV1nyg9Ha8"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 6665
x-amz-cf-id: Uc_U4LS8IbKpcbkBbwMxY1NilgwiB1cBg4KJLNHWEMNf5bW9zzeiFA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
8 KB 279ms
258ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

43fae1fa8a38225ca21e66b1819af72c8928b58d0c53838b32dcfb5a82ff6697

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1ec2-ZyVREWZVx4OmVEYeumvxyh2cV9o"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 7874
x-amz-cf-id: svUWTgleWltrVc3iYGo4X1BClGNIlHHcu19vcNFvhFJ8VGj7kbX4Iw==

GET
H2 200 config Show response
push.kumulos.com/v1/web/ 2 KB
1 KB 110ms
80ms Fetch
application/json 138.68.96.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.68.96.220 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

POST
H2 204 events
events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ 0
0 86ms
85ms Fetch 165.232.66.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

165.232.66.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

POST
H2 204 events
events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ 0
0 86ms
85ms Fetch 165.232.66.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/events

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

165.232.66.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
strict-transport-security: max-age=15552000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
access-control-max-age: 36000
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 config
push.kumulos.com/v1/web/ Frame 0
0 412ms
66ms Preflight
text/html 138.68.96.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/web/config

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.68.96.220 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:27 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ Frame 0
0 400ms
55ms Preflight
text/html 165.232.66.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

165.232.66.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:27 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

OPTIONS
H2 200 events
events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ Frame 0
0 398ms
54ms Preflight
text/html 165.232.66.42
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://events.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/events

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

165.232.66.42 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: POST
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:27 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 4 KB
4 KB 295ms
288ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

8f873bae7685fa7402b4bbfc9044362459efdc1618b06b4f3702dbb273123c9b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"f73-Qu/FuZqk87y2U2Xgh0yAseBqpqU"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3955
x-amz-cf-id: 6wgFwP2F0XwWMYykoM7rSGDQLqh3bru-oImg1F0XivmcDq-yI9I0ew==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
9 KB 259ms
254ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

7d241e76fab5c5eba6535678bfde9777f7b142605c01ae285a5b82984e765aac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"206b-3l5eAY7GOD9Ar8Hoq8mfze0dnZ0"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 8299
x-amz-cf-id: 4Ymk_JMwr7aqIDO2FtLykoF_zQ7V5ONvTbYonz4IdS-6WsuMJGhhNg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 8 KB
9 KB 291ms
287ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

59690c043b6d4ebde3637a40f014624845672d25662b45eb6926b227a894d2f6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2124-eAgU5zLgfoFr8ViDoGmTH+ZJadU"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 8484
x-amz-cf-id: NbTFKzfPELeJ2BUocn24reS6iA80qr4aAuxKIh8_SWyp95mLeUwBAg==

GET
H/1.1 200
OK / Show response
p1.parsely.com/plogger/ 43 B
259 B 355ms
76ms Fetch
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p1.parsely.com/plogger/?rand=1671099927205&plid=17488807&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2245260495460690880700815615972614243332%22%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1671099926552&slts=0&date=Thu+Dec+15+2022+10%3A25%3A27+GMT%2B0000+(GMT)&action=heartbeat&inc=1&tt=518&u=pid%3Da7b6af8eb6e46cd7590b358c988b5c9d
Requested by: Host: cdn.parsely.com
URL: https://cdn.parsely.com/keys/thestar.com/p.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:27 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 15-Dec-2022 10:25:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ruleenginedata Show response
www.thestar.com/api/ 11 KB
3 KB 432ms
420ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/ruleenginedata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2c58-On6xrYp0/du6eGARnnYHeUEyBMw"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: AmfdSdhdkSIJdhMinHoPkdW8uXys3CmUY5Rp0IAMKU68YGHS40gUvQ==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 328ms
74ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671099927250&plid=17488807&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2245260495460690880700815615972614243332%22%2C%22_scrollIncrement%22%3A1%2C%22_scrollMethod%22%3A%22heartbeat%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10907%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1671099926552&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Thu+Dec+15+2022+10%3A25%3A27+GMT%2B0000+(GMT)&action=_scroll&u=pid%3Da7b6af8eb6e46cd7590b358c988b5c9d
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:27 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 15-Dec-2022 10:25:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 329ms
75ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671099927265&plid=17488807&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2245260495460690880700815615972614243332%22%2C%22_scrollIncrement%22%3A0%2C%22_scrollMethod%22%3A%22pageview%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A10907%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1671099926552&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Thu+Dec+15+2022+10%3A25%3A27+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=55996908&u=pid%3Da7b6af8eb6e46cd7590b358c988b5c9d
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:27 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 15-Dec-2022 10:25:27 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
604 B 215ms
71ms Stylesheet
text/css 142.250.185.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Requested by

Host: client
URL: about:client

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f10.1e100.net

Software

ESF /

Resource Hash

495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 10:25:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 15 Dec 2022 10:25:27 GMT

GET
H2

200

MerriweatherSans-Regular.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

54 KB
54 KB

74ms
73ms

Font
font/woff2

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 55032
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d6f8-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 0DV46wYFXQl8ZybGcMreBOf4x9EzzsR2uLzE4hz1MaQO_S_7BQmTnQ==

Redirect headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Regular.woff2?rf
content-length: 0
x-amz-cf-id: ry5LtWyo6eeMZdbaT2nKSeZfNp82z1WF9PYzNTRWG9lwicNWd2PtEw==

GET
H2

200

MerriweatherSans-Bold.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

55 KB
56 KB

87ms
86ms

Font
font/woff2

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 56380
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"dc3c-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: 7DZYuoPmMqcuJ4uzK5GTeTREtruEW7Rzx8_vgm02TtphwgzEeUblkg==

Redirect headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Bold.woff2?rf
content-length: 0
x-amz-cf-id: K5qQu0q7Rh6_YuteaA7b4vFpk_w0hm5GJjl0EY7VxZw3Huco3SOSeg==

GET
H2

200

MerriweatherSans-Black.woff2
www.thestar.com/assets/fonts/merriweather/
Redirect Chain

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2
https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

53 KB
54 KB

84ms
83ms

Font
font/woff2

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 54304
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"d420-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: JVpWXOjjToML8C5jsDNo9XfpRxgn2Z7bAb6wFpu5nFpEgmIKEc5hXQ==

Redirect headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/merriweather/MerriweatherSans-Black.woff2?rf
content-length: 0
x-amz-cf-id: a0Yl5lHW4qNnMIO0NO7IF4Q9w0Nsfa_kiAozEIm8c-ReCMqaI9TAiw==

GET
H2

200

TorstarDeckCondensed-Semibold.woff2
www.thestar.com/assets/fonts/
Redirect Chain

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2
https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

18 KB
19 KB

84ms
84ms

Font
font/woff2

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:47 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 18736
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4930-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: AFWqpRpJw7f_XiilCw3f7tfWnP-BVzq_4phpBsH5xfMOGi0xwcDlpQ==

Redirect headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Semibold.woff2?rf
content-length: 0
x-amz-cf-id: WGl4boXeaTAQcGKhQUOrmHhM5OyHtAwo-4MJUks15XC_Tc5rTtGb8g==

GET
H2

404

TorstarDeckCondensed-Roman.woff2
www.thestar.com/static/clients/torontostar/
Redirect Chain

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2
https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

0
0

73ms
71ms

Font
text/html

13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/?redirect=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:23:33 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
age: 114
x-powered-by: Express
etag: W/"1c8d9-k44iAFCod7p7ZYvxpjMmHiJ4B1o"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Error from cloudfront
cache-control: max-age=180
x-amz-cf-id: w7hDQ0AKL6GBl9NP-8cLP5H3ySUbZG6voQpcacjkDK4rT-t2Y2wSTA==

Redirect headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: LambdaGeneratedResponse from cloudfront
location: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf
content-length: 0
x-amz-cf-id: gV_X7H7gSrBNESlIXRu4oTxH3_FeOjw6Q2Zl-nNx-CJeCa8R1zkkxw==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 165ms
163ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

a368e10f98f84b85990d81f4ce950fdb97ff8c229b3370eeb8755b866dff0956

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"356-30SN/eC3vAr18OTD6KEwn+GZ918"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: oCvtupatuuKx46OnNemzOtNZCAe2ZMYqsO-VzANx5wVRPb2XaTDcIQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 162ms
162ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9c2cf77e0bf0dde44d7c99ed8797071b40fdcd0f984e9235a92cfa506cc96469

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"a46-O3VMNIDob/oJyCkdygej4LwfkOQ"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2630
x-amz-cf-id: SXt2nbsqybzaWG-gbVIMvUKQ8md9KUm0LGUzP_a5uBFKYX6H6W0zzg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 854 B
1 KB 158ms
158ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

641f574c34b195534164c65a14356a749352e453ff43cc7f7312f23fa0fd561e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"356-KVguAyMhxZWirIL9XS6Y1mbfSNc"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 854
x-amz-cf-id: fazBFcJKKHz9iwzFWkxqRwg697-4l7D_DBt8qa0gwRr_XlYa3SgadQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 KB
2 KB 240ms
240ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

e62bbd30403f2a5d4ba53cca05027f5283ed68c4cfc8bd74934ee6a9aca05613

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"6ab-Wh/oDfVH0Pd4W20fsUtf5XgAGPk"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 1707
x-amz-cf-id: B0vJWzd5mHXn8Dw-lF0xv26Lm3iHcbOT1PDMBMPL9pVhJ4Wb51iDxA==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 2 B
405 B 159ms
159ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2
x-amz-cf-id: ezSEpnm9cNutXQQSu32jKZ4ebdNKNfQZX_tpr4wVgCty1NZnoJaYdg==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
4 KB 179ms
157ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

9a558a135bc6946c3acb1d54be778d157ac78565acc5e8d74da3ccd220d01ab1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"d9b-AJx4QIkacyRNtg96MeJ6GlQt7lI"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 3483
x-amz-cf-id: GCQ-60iMuyPrJfZ6nCERj-vKfDY7_0XdDUJ3bQaQWPbbv8R0PkBUsQ==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 3 KB
3 KB 165ms
158ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

8a6b8d6189b119e313f4a30078a824eb0f8380061744a9812783734ea66636aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"a1e-12XR6mEh0IqHf+oj/aP4xzW9NtQ"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 2590
x-amz-cf-id: qcOiDadvyYVCXUerLF1w55J11zmHWT8Eo2uFOCyBx9nxsk9af2Q39Q==

POST
H2 200 images Show response
www.thestar.com/api/liftigniter/ 5 KB
5 KB 163ms
159ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/liftigniter/images

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

72fad125ac3b5621b5c6a42f743fd300cf329d1377c3e2c0fae8e57896a8e82c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"1436-riBiOwjsAzJ20KRz9f2Ltp5/JXY"
x-frame-options: SAMEORIGIN
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=180
content-length: 5174
x-amz-cf-id: rCLZ4r1IE0ApiauIh28bNso06fkh3k2uf0Rw0GETxjw6CY0oeJOK7g==

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame EA19 1 KB
745 B 78ms
77ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 719
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:17:28 GMT

GET
H2 200 mdc.textfield.min.js Show response
n511.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/ 66 KB
12 KB 89ms
72ms Script
text/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/toolbar_whatcounts/ts_d3dd9500cca2bd121600d736b16f4f6c/frontend/src/scripts/mdc.textfield.min.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 03 Sep 2022 23:23:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 8852489
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 11561
x-xss-protection: 1; mode=block
last-modified: Fri, 02 Sep 2022 23:23:58 GMT
server: -
etag: 6255d33f94b82e67e60ed3d71ba26fe3
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: U1xSBIOdB5aYIMDof_gxdc-rnRi_x9N6fFqHoQgy1cOZYlvZUAJUBA==
expires: Sun, 03 Sep 2023 23:23:58 GMT

GET
H2 200 user_agent.min.js Show response
n511.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/ 5 KB
2 KB 88ms
72ms Script
text/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/listener_logout_torstar/ts_19beba72f86c9c8dac3d26c579a17658/frontend/src/scripts/user_agent.min.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 07:36:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 3638920
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1274
x-xss-protection: 1; mode=block
last-modified: Wed, 02 Nov 2022 07:36:47 GMT
server: -
etag: 333f52c72fdc4072c6c7950dab8f54f4
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: QhjJng-yClnkl8smC3xHpVuc37fKmWh7O-mAvK2B7CoffmZLwo2BzA==
expires: Fri, 03 Nov 2023 07:36:47 GMT

GET
H2 200 f2bd154bdaede257e525139715c16c97 Show response
n511.thestar.com/plugin/library/ 303 KB
95 KB 87ms
71ms Script
text/javascript 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugin/library/f2bd154bdaede257e525139715c16c97

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

4af801c6866959bf4e30e504775eb8ef92569874854ba490aa7ac39a23723117

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 57521
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 96649
x-xss-protection: 1; mode=block
last-modified: Tue, 13 Dec 2022 18:26:46 GMT
server: -
etag: f2bd154bdaede257e525139715c16c97
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 6sgw4D5XRh0nDTnhhCQF6-OnnGCR9w79KAPMNC0eCuCZwyJX37_Bvw==
expires: Thu, 14 Dec 2023 18:26:46 GMT

POST
H2 200 LB-Zone-2 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/1009/ 3 KB
2 KB 464ms
454ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/1009/LB-Zone-2?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=&bctempid=d94ba0aa-a223-4699-a3f9-c2ac50940881&overruleReferrer=&time=2022-12-15T10%3A25%3A27%2B00%3A00&ts=1671099927513

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

ce9782de72a0900279180f026d47e7d5766bb246a5517efa894560223a7806c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 1120
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: FGd3LBTyZmuwwcCfWxO2EkFmoYA9eJiEjX9CPqN0hCQ56YesQ0SoSA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 35 KB
35 KB 172ms
55ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Merriweather+Sans:wght@300;400;500;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:56:23 GMT
x-content-type-options: nosniff
age: 214144
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35520
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:03:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:56:23 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 75ms
75ms XHR
text/plain 172.217.23.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=2015298163&t=pageview&_s=1&dl=%2F&dp=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&ul=en-us&de=UTF-8&dt=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACgAIAB~&jid=518991917&gjid=1559011991&cid=992549094.1671099927&tid=UA-150212423-1&_gid=2030380028.1671099927&_r=1&_slc=1&cd9=season&cd14=(not%20set)&cd2=widgets&cd3=us.common.scoreTicker&cd4=1.0&cd101=(not%20set)&cd1=1&cd6=web&cd5=en_us&cd7=sr%3Acustomer%3A6666&cd107=default&cd108=default&cd8=sr%3Ahsalias%3Atorontostar&cd110=2.0.257%3A2022-12-09T09%3A29%3A22.369Z&cd23=null&cd10=(not%20set)&cd11=(not%20set)&cd13=(not%20set)&cd12=(not%20set)&cd15=(not%20set)&cd16=(not%20set)&cd17=(not%20set)&cd18=(not%20set)&cd19=(not%20set)&cd20=(not%20set)&cd24=(not%20set)&cd21=(not%20set)&cd22=(not%20set)&cd103=sr%3Abookmaker%3A129&z=865766810

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f110.1e100.net

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 234 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 3 KB
2 KB 328ms
65ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/234

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

2b6c24d50ab77a4245c2b671070daa00cdbea74dcd6a8de9794d55791e262fa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:28 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web1
content-length: 939
x-feeds-fv: feeds-prod-euc1-fvauto-073e231d914034fe5
last-modified: Thu, 15 Dec 2022 10:22:59 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web1
etag: W/"a5fd69c7f488258255901f37ab6caa555902c15b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 163018980 161020093, 455392646 142757506
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 10:27:59 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame EA19 573 B
417 B 89ms
88ms XHR
application/json 172.217.18.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-4562546433644055441&bl=boq_subscribewithgoogleclientserver_20221213.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=37528&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.14 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f14.1e100.net

Software

ESF /

Resource Hash

5b2d8b1f9217ee760d1687628da415805d1e9cb7aa381de19f81e51dc0c0d7f4

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:27 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding: gzip
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 222ms
142ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5855&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=87&jsfv=nbc&ts=1671099927820&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_canada&source=LI&pl=null&tr=null&st=5848&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F09%2Fontario-amber-alert-sent-out-for-two-13-year-olds.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F13%2Fscientists-reveal-holy-grail-breakthrough-to-create-limitless-clean-energy.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F14%2F87-year-old-identified-as-montreal-driver-who-hit-baby-in-carriage-without-stopping.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F14%2Fcorrectional-officer-charged-in-alleged-sexual-assault-of-inmate-at-womens-prison.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F14%2Ffusion-breakthrough-a-marvel-of-global-scientific-collaboration-including-canada.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F14%2Fquebec-man-guilty-of-murdering-young-sons-in-october-2020-sentenced-to-life-in-jail.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fcanada%2F2022%2F12%2F12%2Fontario-invests-20m-in-operating-costs-for-new-mri-machines.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 178ms
149ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5880&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=103&jsfv=nbc&ts=1671099927845&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_sports&source=LI&pl=null&tr=null&st=5875&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fleafs%2F2022%2F12%2F14%2Fmark-giordanos-value-to-the-maple-leafs-starts-on-defence.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fworldcup%2F2022%2F12%2F14%2Ffive-memorable-stories-from-fifa-world-cup-that-happened-off-the-pitch.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fraptors%2F2022%2F12%2F14%2Fwith-one-point-loss-to-kings-raptors-lose-three-in-a-row-for-first-time-this-season.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbluejays%2Fopinion%2F2022%2F12%2F14%2Fthe-blue-jays-need-outfield-help-heres-a-look-at-some-options.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsoccer%2F2022%2F12%2F14%2Finquiry-finds-widespread-misconduct-in-womens-pro-soccer.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fsports-betting%2F2022%2F12%2F14%2F49ers-vs-seahawks-week-15-prop-picks-expect-big-nights-from-mccaffrey-aiyuk-on-tnf.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Fbasketball%2Fncaa%2F2022%2F12%2F15%2Fcal-poly-hosts-weber-state-after-verplanckens-21-point-performance.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fsports%2Ffootball%2F2022%2F12%2F14%2F49ers-qb-brock-purdy-questionable-for-game-vs-seahawks.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:27 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 elon_musk.jpg
images.thestar.com/Wr6IDNLkxWH_MliJ88Y6owTiFMw=/0x0:1199x799/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/elon-musk-no-longer-richest-person-in... 11 KB
12 KB 90ms
81ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/Wr6IDNLkxWH_MliJ88Y6owTiFMw=/0x0:1199x799/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/elon-musk-no-longer-richest-person-in-the-world-forbes-says/elon_musk.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cadd7c21df4fb1f3928d58363aabf18bd4bf14b37fbf79672fc0b4deb945dc4e

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 02:17:35 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 29272
etag: "3e1f22a76e426a878d2822f576ffd98539bdb1ae"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 11422
x-amz-cf-id: MJiFDWNYmLf4MBEbfsGW7dm7eoSQ59CLI3BHTz8P00bBSxCMJDb85A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shopify.jpg
images.thestar.com/CJdRHBr-3fm0OBIP5P7mG3ocmUo=/0x0:1161x774/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/shopify-confirms-it-no-longer-intends... 38 KB
38 KB 77ms
74ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/CJdRHBr-3fm0OBIP5P7mG3ocmUo=/0x0:1161x774/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/shopify-confirms-it-no-longer-intends-to-expand-to-massive-new-toronto-office-space-citing-shift-toward-remote-first/shopify.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3627618f4a064f67292dff0923835f8a354eeab39659a8de90b1e820d661c0c0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:25:41 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 35986
etag: "0fd55fd3bb2706cfea3d2b05392e931840e919e6"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 38500
x-amz-cf-id: A8lRDyD1n9kvr_TAUsnv3fGqdWH3MGJFRzVZ58CRR7bNzauIlJ1csw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 154ms
150ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=5944&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=114&jsfv=nbc&ts=1671099927909&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_business&source=LI&pl=null&tr=null&st=5937&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F12%2F14%2Fshopify-confirms-it-no-longer-intends-to-expand-to-massive-new-toronto-office-space-citing-shift-toward-remote-first.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F12%2F14%2Felon-musk-no-longer-richest-person-in-the-world-forbes-says.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F12%2F14%2Fmeme-stock-influencers-charged-with-114-million-fraud.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F12%2F14%2Fcp-newsalert-osc-says-no-reasonable-prospect-of-conviction-in-canntrust-case.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 TorstarDeckCondensed-Roman.woff2
www.thestar.com/assets/fonts/ 19 KB
19 KB 69ms
67ms Font
font/woff2 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/assets/fonts/TorstarDeckCondensed-Roman.woff2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.thestar.com/static/bundle.css?v=a7ec346be77d2b093788
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:20:48 GMT
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 3880
x-powered-by: Express
x-cache: Hit from cloudfront
content-length: 19052
last-modified: Wed, 14 Dec 2022 19:59:58 GMT
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
etag: W/"4a6c-1851238ea30"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: https://amp.thestar.com
cache-control: max-age=14400
accept-ranges: bytes
x-amz-cf-id: GGMrNBNENPk7Tr_GnUTFf-ow6aTMys9Eqrjfzdk4AhnrpXuXhwwmUA==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 203ms
202ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6024&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=123&jsfv=nbc&ts=1671099927989&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_world&source=LI&pl=null&tr=null&st=6022&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F12%2F15%2Fexplainer-what-can-the-patriot-missile-do-for-ukraine.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fafrica%2F2022%2F12%2F14%2Fmorocco-airline-says-7-world-cup-flights-to-qatar-canceled.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F12%2F14%2Ftransgender-inmate-on-missouris-death-row-asks-for-mercy.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F12%2F14%2Fpelosi-portrait-unveiled-historic-1st-of-a-female-speaker.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fus%2F2022%2F12%2F14%2Fus-sues-arizona-over-shipping-containers-on-mexico-border.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fworld%2Fmiddleeast%2F2022%2F12%2F14%2Fsiblings-of-beirut-blast-victims-plan-to-tie-the-knot.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 165ms
162ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6087&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=156&jsfv=nbc&ts=1671099928052&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_politics&source=LI&pl=null&tr=null&st=6081&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F12%2F14%2Fis-this-really-what-could-torpedo-justin-trudeaus-minority-government-in-2023.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F12%2F13%2Fdoug-fords-family-rift-over-covid-19-measures-plays-out-on-his-christmas-card.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2F2022%2F12%2F14%2Falberta-premier-apologizes-tries-to-clarifies-comment-about-first-nations.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F12%2F13%2Fdoug-ford-announces-plan-to-replace-ornge-air-ambulance-aircraft.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Ffederal%2F2022%2F12%2F13%2Fpierre-poilievre-needs-to-win-ridings-like-mississauga-lakeshore-insiders-reveal-why-he-didnt-try-harder-this-time.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F12%2F14%2Fontario-offering-free-naloxone-kits-to-help-workplaces-deal-with-overdoses.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 186ms
148ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6118&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=164&jsfv=nbc&ts=1671099928084&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_recommended_for_you&source=LI&pl=null&tr=null&st=6117&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F12%2F14%2Fmy-seemingly-self-confident-husband-left-me-for-a-woman-almost-30-years-younger-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fnews%2Fgta%2F2022%2F12%2F13%2Fmajor-winter-storm-to-hit-toronto-with-heavy-snow-and-freezing-rain-heres-when-its-arriving.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fprovincial%2F2022%2F12%2F13%2Fdoug-fords-family-rift-over-covid-19-measures-plays-out-on-his-christmas-card.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fpolitics%2Fpolitical-opinion%2F2022%2F12%2F14%2Fis-this-really-what-could-torpedo-justin-trudeaus-minority-government-in-2023.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fbusiness%2F2022%2F12%2F14%2Fshopify-confirms-it-no-longer-intends-to-expand-to-massive-new-toronto-office-space-citing-shift-toward-remote-first.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F12%2F13%2Fcelebrities-are-supposed-to-dress-to-the-nines-not-the-zeroes-by-boycotting-pants.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 rl_ellie_15.jpg
images.thestar.com/NdzUu_FeypizWvepG2groAlNk60=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2022/12/14/my-seemingly-self-confident-husba... 4 KB
4 KB 128ms
102ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/NdzUu_FeypizWvepG2groAlNk60=/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/life/relationships/advice/2022/12/14/my-seemingly-self-confident-husband-left-me-for-a-woman-almost-30-years-younger-ask-ellie/rl_ellie_15.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a1cd682604b6929f0a08244e71468e1f920ce4783554e5806760a43d0e0b1a43

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 11:57:39 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 80869
etag: "90f998ceb11b28f4156545591615986e348464f8"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 3870
x-amz-cf-id: sbWcfH3d6Du0rdVN_NL1OEg5vVkfwsDnVtRMJ30CZSDKyJ5d6kiu7A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chy108_2022011718_cpt637780244259075372.jpg
images.thestar.com/SYVuQRm-toeUcrSNc3Km_bVBVK4=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/major-winter-storm-to-hit-toronto-wit... 3 KB
3 KB 77ms
51ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/SYVuQRm-toeUcrSNc3Km_bVBVK4=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/news/gta/2022/12/13/major-winter-storm-to-hit-toronto-with-heavy-snow-and-freezing-rain-heres-when-its-arriving/chy108_2022011718_cpt637780244259075372.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9fab3b1b7382f171bf91105e66f0f5127065bb7cb93533598960b686de880849

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 18:11:13 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 144855
etag: "296556ebf48c0bf65c99669716a5eb5e313592b5"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 2570
x-amz-cf-id: T6D2DhDuQbvPbH71x1QLqFQN8-4FQfdP7MqHMrhwiuSd5f4rRpSbHA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 _1dford_christmas_card_2022_jpg.jpg
images.thestar.com/zlisTRnh_QtisU44u65U8hRhHb4=/0x0:1087x725/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/12/13/doug-fords-family-rift-ove... 6 KB
6 KB 86ms
60ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/zlisTRnh_QtisU44u65U8hRhHb4=/0x0:1087x725/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/provincial/2022/12/13/doug-fords-family-rift-over-covid-19-measures-plays-out-on-his-christmas-card/_1dford_christmas_card_2022_jpg.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: cda8601fbf20636ea8c9db6c8263ba7e11a4ccd80cbe052d0ef14c444ebb0320

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 22:54:42 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 127846
etag: "a3dbb94f76ae93d1ec62749baee97ac2c5c518f2"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 6178
x-amz-cf-id: 2pAeGxqCO4QuQ42fnzzAzn__n9rWNTQTmKaiB7GG5_EWd5JSmKpiGw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 trudeau_singh.jpg
images.thestar.com/8oCOYfd-4Adm5vqRo7W-7O9ia_E=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2022/12/14/is-this-really-what... 5 KB
5 KB 87ms
62ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/8oCOYfd-4Adm5vqRo7W-7O9ia_E=/0x0:1200x800/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/politics/political-opinion/2022/12/14/is-this-really-what-could-torpedo-justin-trudeaus-minority-government-in-2023/trudeau_singh.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a0d806f95c55de2705d0891cffff7666c763af7922f7890bc8eea92ca0f1b6b3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:31:05 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 35663
etag: "a0a39c72788a221e7a02ab2d2dcae900c7183908"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 5236
x-amz-cf-id: BxX8bae9YVGCWADI7WaOj0NEV3KtKstsGJG-kvRERFODn3XaQb-wLg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 shopify.jpg
images.thestar.com/6jdCrf6BeRV1GvrTzLixZ2PRwbk=/0x0:1161x774/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/shopify-confirms-it-no-longer-intends... 4 KB
4 KB 92ms
67ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/6jdCrf6BeRV1GvrTzLixZ2PRwbk=/0x0:1161x774/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/business/2022/12/14/shopify-confirms-it-no-longer-intends-to-expand-to-massive-new-toronto-office-space-citing-shift-toward-remote-first/shopify.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 49cddd09106043a53dae9a1b2d6e8a5d3d6530f19bf0c942a03bef05582bb656

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 00:21:17 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 36251
etag: "6de8bf790aea6e7377e2e0c1d72c4b787b9bd57a"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 4118
x-amz-cf-id: JTF29TA1_nXUjp6UMOrhQ2fe93dCldZy2YKSkFWfdDGGvCTGGyQRCA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 juliafox.jpg
images.thestar.com/bBYg7k-zU6aR_cWGsJ1RdKOzkfE=/0x0:920x613/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/opinion/2022/12/13/celebrities-are-supposed-... 5 KB
5 KB 89ms
64ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/bBYg7k-zU6aR_cWGsJ1RdKOzkfE=/0x0:920x613/100x100/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/opinion/2022/12/13/celebrities-are-supposed-to-dress-to-the-nines-not-the-zeroes-by-boycotting-pants/juliafox.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 949c62cdb00cb8998e0befb43a0676e1c4e37fe8bac6fd227da5a35d673591da

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:37:56 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 121652
etag: "10bdcc54b7ce52b54f05560e8c2f013af12b2531"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 4614
x-amz-cf-id: f7Eddn5A1vR2Le7XypthwLpS9-8-NyvC_I5iidBGnuXOLuYeER94WA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 151ms
147ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6237&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=176&jsfv=nbc&ts=1671099928203&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_life&source=LI&pl=null&tr=null&st=6236&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F12%2F14%2Fmy-seemingly-self-confident-husband-left-me-for-a-woman-almost-30-years-younger-ask-ellie.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Ffood_wine%2Frecipes%2F2022%2F12%2F14%2Fa-dish-for-meatless-monday-a-saltine-cracker-hack-and-comforting-pasta-heres-whats-cooking-this-week.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Flife%2Frelationships%2Fadvice%2F2022%2F12%2F13%2Fmy-teenage-daughter-resists-doing-anything-for-herself-ask-lisi.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H2 200 juliafox.jpg
images.thestar.com/4-p9pP6PlcisueUUjBn7TG36mlM=/0x0:920x613/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/opinion/2022/12/13/celebrities-are-supposed-... 16 KB
17 KB 102ms
92ms Image
image/webp 18.66.147.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.thestar.com/4-p9pP6PlcisueUUjBn7TG36mlM=/0x0:920x613/690x460/smart/filters:format(webp)/https://www.thestar.com/content/dam/thestar/entertainment/opinion/2022/12/13/celebrities-are-supposed-to-dress-to-the-nines-not-the-zeroes-by-boycotting-pants/juliafox.jpg
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-30.fra60.r.cloudfront.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e750cdadea240bb27de8e0417a72ebe1fbc4a683805471d2124c8138b382a13b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 00:43:57 GMT
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA60-P4
age: 121291
etag: "45f8eb66e89a801d2771e4e5c4da1a935ccba8e7"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=315360000
content-length: 16608
x-amz-cf-id: H5zZ_O_VQGXLkfpMchWY7barAkeW5h02dg3xJWuoUMC7oKmfHYmCtg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 45260495460690880700815615972614243332 Show response
api.thestar.com/users/data/anonymous/sitename/thestar/id/ 51 B
415 B 536ms
345ms XHR
application/json 13.224.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/45260495460690880700815615972614243332
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-100.fra2.r.cloudfront.net
Software: /
Resource Hash: a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
x-api-key: b07LQ46EyU42X8fc14kd08w8gAyfSf337nbF5L8b

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amzn-trace-id: Root=1-639af619-4c0fa5bf5ad3f9cd6af9b80a;Sampled=0
x-amzn-requestid: 639853bf-8450-4500-b064-7b1534498af9
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: dLtj-FnOIAMFtsQ=
content-length: 51
x-amz-cf-id: i02murQAi2O6lm1Ec7CwLn77sifCcCSIxJaEYupiEob7kmZBQ-n4uQ==

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 158ms
147ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=widget_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6264&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=179&jsfv=nbc&ts=1671099928229&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=thestar_entertainment&source=LI&pl=null&tr=null&st=6262&vi=%5B%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F12%2F13%2Fcelebrities-are-supposed-to-dress-to-the-nines-not-the-zeroes-by-boycotting-pants.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2F2022%2F12%2F14%2Fstephen-twitch-boss-dj-on-ellen-show-and-beloved-hip-hop-dancer-has-died-at-age-40-reports.html%22%2C%22https%3A%2F%2Fwww.thestar.com%2Fentertainment%2Fopinion%2F2022%2F12%2F14%2Fdrakes-new-necklace-is-called-previous-engagements-a-better-name-would-be-future-breakups.html%22%5D&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

OPTIONS
H2 200 45260495460690880700815615972614243332
api.thestar.com/users/data/anonymous/sitename/thestar/id/ Frame 0
0 567ms
352ms Preflight
application/json 13.224.189.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.thestar.com/users/data/anonymous/sitename/thestar/id/45260495460690880700815615972614243332
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-100.fra2.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 e976f829f2d1c4787d42d0595ae7cf74.cloudfront.net (CloudFront)
x-amz-apigw-id: dLtj5F2coAMF4jw=
x-amz-cf-id: yN0f8n13KYPZjmvTZkFfk8lm0L3bIKZS_YUnKp_nLQLbQFtkG50LNw==
x-amz-cf-pop: FRA2-C1
x-amzn-requestid: 6105a7a9-a6db-4378-ad2e-43bf84938e2e
x-cache: Miss from cloudfront

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 301 B
182 B 172ms
74ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b616bd1f2625c0959aa213c245bf9e2c17bcd9744a64be887865c4658201cdfd

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:28 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 502ms
368ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/DG/DEFAULT/rest/rpc/1009?referer=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&bcsessionid=d94ba0aa-a223-4699-a3f9-c2ac50940881&bctempid=&overruleReferrer=&time=2022-12-15T10%3A25%3A28%2B00%3A00&ts=1671099928557

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

c66e9e13a3e3179236a565bf93374bb31a9b60942f8ca4c7133758ea5823d701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2485
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Avfg03zgh23Ldo2PwLg0V_Rf3e8Wy0HCaka77_XRWsnbesVWQSAeWg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 toaster_v3.css
n511.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/ 1 KB
1 KB 203ms
36ms Stylesheet
text/css 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://n511.thestar.com/plugins/toaster_torstar/ts_e4a9ba13889ad51ca58f5cf11adda34f/frontend/src/css/toaster_v3.css

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/plugin/plugin/26306de9dd7211366ce9d6420871f067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 23 Oct 2022 06:35:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 4592985
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 485
x-xss-protection: 1; mode=block
last-modified: Sat, 22 Oct 2022 06:35:43 GMT
server: -
etag: c6066030d2b28fbf58f4c7c3d8e5b9b0
content-type: text/css; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: GHpyyvQwyN3woSVkNLfainCHnRUyQEM4dN6huRUCt2pAt74TkdCzGA==
expires: Mon, 23 Oct 2023 06:35:43 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 562 B
1 KB 521ms
420ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

bc78a23615ccc46faf9c2f6540bf394a152c033c0a42773e059b47b35c44ca06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 163
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 2EJeApJ2kqMraIImvgW1XlFbgjfoAC2HzpmE9jLm9XxsBjCD8iT9EQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
3 KB 477ms
449ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

a1f5a285e11c885627ff25d396bf044d41c39e474eb4c65e9a4f14676fc91136

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2445
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: sxKKeCc3I-kqmPPzpKtHdX7-jLvLY5IYCgUWRYC4GxuQlwFfXn8EFw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 377ms
76ms Script
application/x-javascript 157.240.201.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/plugin/plugin/26306de9dd7211366ce9d6420871f067

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams4.fbcdn.net

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 10:25:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: cTbWfedw+QsXPtQuVOYpGAvRvHH/iGVgPPU8rIoC34Vv7sO2fSwP4Zf8Zk1rmHxHabdIOSKSDVtUIWea/WkM7w==
x-fb-trip-id: 1709462857
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 553 B
1 KB 471ms
457ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

04c7f0fb4e354a7e2cbd455dfafebce4feb2c393b7bbbcfc22066af20f5ea347

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 179
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: 622kcLb8RKjqSTLr19kZzpSBzkasWsUorFG259hteWEyDBKDmNFSrQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 237ms
224ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6627&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=185&jsfv=nbc&ts=1671099928592&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonStickyMenu_NonSubs_Subscribe_Q122_Sale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 238ms
224ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=conversion_shown&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=6659&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=204&jsfv=nbc&ts=1671099928624&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&conversion_t=%5BSTAR%5D%20HeaderCTAButtonMobile_NonSubs_Subscribe_Q222_OutlinedSale&sdk=bc-pixel
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 185 B
1 KB 471ms
459ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

30ec909b5721dcf0ef1f97abbee5c069f39f9fe3a9c9a73e37dc50f24f25942b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 166
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: -rhK43zBusn0DIcDfKctN4xnEFnYtOzGyufjktnEkh41JSP9ngcy7A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cs Show response
torstar.blueconic.net/DG/DEFAULT/ 67 B
856 B 157ms
152ms Script
text/javascript 100.25.1.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://torstar.blueconic.net/DG/DEFAULT/cs?bcsessionid=d94ba0aa-a223-4699-a3f9-c2ac50940881&&callback=bc_json1011

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.1.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-25-1-9.compute-1.amazonaws.com

Software

- /

Resource Hash

fbf2001fbaa154221dcd3f40564a6c03d7d844fb244f185c0eb39b1ef3df92ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 87
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
34 B 358ms
357ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:28 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/ 1 KB
1 KB 115ms
0ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/stats_season_meta/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

f81d10f0f830c58d309764643a91fa083c00f9b726548d23435e6be3f937743c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:28 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar04
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web4
content-length: 725
x-feeds-fv: feeds-prod-euc1-fvauto-087d94b72bb8a1487
last-modified: Thu, 15 Dec 2022 10:07:11 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web4
etag: W/"6b70c2fc6791f09d99881017b60e612fb6d67509"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=3596
x-varnish: 375838779 376915139, 84007568 81727110
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 11:07:14 GMT

POST
H3 200 log Show response
play.google.com/ Frame EA19 131 B
155 B 231ms
99ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 312ms
93ms Preflight
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:29 GMT
expires: Thu, 15 Dec 2022 10:25:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EA19 131 B
155 B 234ms
100ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 306ms
94ms Preflight
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:29 GMT
expires: Thu, 15 Dec 2022 10:25:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EA19 131 B
155 B 231ms
99ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:29 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 294ms
95ms Preflight
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:29 GMT
expires: Thu, 15 Dec 2022 10:25:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame EA19 131 B
155 B 233ms
101ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
X-Goog-AuthUser: 0
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:29 GMT

GET
H2 200 b
engagefront.theweathernetwork.com/x/ 42 B
309 B 464ms
159ms Image
image/gif 34.120.23.223
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engagefront.theweathernetwork.com/x/b?data=%7B%22advertiser_org_id%22%3A%2261731269aabe2aa0d6cf5785%22%2C%22event_name%22%3A%2249695385_45a9_4217_b0c5_58934bb70a35%22%2C%22subevent%22%3A%2278386%2C79131%22%7D
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 223.23.120.34.bc.googleusercontent.com
Software: TornadoServer/4.2 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
via: 1.1 google
server: TornadoServer/4.2
etag: "d5fceb6532643d0d84ffe09c40c481ecdf59e15a"
p3p: policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type: image/gif
cache-control: max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
expires: Thu, 15 Dec 2022 10:25:29 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame EA19 17 KB
7 KB 148ms
61ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7322
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:17:28 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 271ms
95ms Preflight
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:29 GMT
expires: Thu, 15 Dec 2022 10:25:29 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 close.png
n511.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/ 225 B
739 B 156ms
40ms Image
image/png 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://n511.thestar.com/rest/dialogues/files/196f0b70-9f50-49c7-8e23-29ba76b99342/close.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:00:02 GMT
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
age: 743127
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 225
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Dec 2022 20:00:02 GMT
server: -
etag: 78c046295f4be9f49abee490a3f879b8
content-type: image/png
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: FvbNaO83mbUMXdYkgYKWHSkECIohUajow9Iz7AWBz-eTtLWDjadN6w==
expires: Wed, 06 Dec 2023 20:00:02 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 914 B
989 B 300ms
68ms Script
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

f6c1348dd12df2565d9d74ab79e4a23b5f38467ea7c14cee23a166862f93a747

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576
x-xss-protection: 1; mode=block
expires: Thu, 15 Dec 2022 10:25:29 GMT

GET
H2 200 94839 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 2 MB
165 KB 218ms
141ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/94839

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

ae23a0f4f9691590cbb4c31723929d58d348e6f29eed0d93cfb096be825e5c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web6
content-length: 168330
x-feeds-fv: feeds-prod-euc1-fvauto-0800b592b3d2cc731
last-modified: Thu, 15 Dec 2022 10:25:21 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra2
etag: W/"3c4db37bdc1dcd239db2e6b9db0c64bd0e8fb31e"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 168663229 159077479, 4033970 871031
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 10:25:41 GMT

GET
H2 200 870 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/ 1 KB
1 KB 217ms
140ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/uniquetournament_info/870

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

2e8bcceee3891d8a26d49b809829774932a57f99ace2915edeed938f77c7a222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web5
content-length: 608
x-feeds-fv: feeds-prod-euc1-fvauto-073e231d914034fe5
last-modified: Thu, 15 Dec 2022 10:20:50 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra3
etag: W/"8eeaea9d9aac925d5231300ee850c1a6c6096d9e"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=299
x-varnish: 519197268, 455904344 453960590
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 10:25:50 GMT

GET
H2 200 channels Show response
push.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ 40 KB
4 KB 105ms
99ms Fetch
application/json 138.68.96.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/channels

Requested by

Host: static.app.delivery
URL: https://static.app.delivery/sdks/web/main.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.68.96.220 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

6f0cf975c0af30f364c187c27f76f5ca4c8146f95a98b3388b1abf3bd044eee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
Authorization: Basic ZWU3M2FkYjUtMWRmOS00ZGY4LTkyYTQtNzhlYWYxODJmNmU5OmUyVG1NTWNHMXlGOUR4OGxrZ0tBOVVXRkk4bHVOWVozZkhlUw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubdomains;
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-max-age: 36000
access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With

OPTIONS
H2 200 channels
push.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/ Frame 0
0 110ms
44ms Preflight
text/html 138.68.96.220
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://push.kumulos.com/v1/app-installs/92bf4170-c370-4ea9-ade3-8b3ffbb81d27/channels

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

138.68.96.220 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubdomains;
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Origin, Accept, Authorization,Cache-Control,X-Requested-With
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin: *
access-control-max-age: 36000
allow: GET,HEAD
cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:29 GMT
server: nginx
strict-transport-security: max-age=15552000; includeSubdomains;
vary: Accept-Encoding
x-content-type-options: nosniff

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 188 B
1 KB 448ms
441ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

3a102a182fde4b359aa380af37a4fe0f341290102d929d493f8abf30fd493d7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 151
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: Ji1t4MsMlsDmUx7Wkv61EPi8JICxXLrv-8LCdx4u3PGJONiaelWjpQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 m=RqjULd Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame EA19 11 KB
4 KB 104ms
101ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=RqjULd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:17:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58081
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4053
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:17:28 GMT

POST
H2 200 log Show response
play.google.com/ Frame EA19 131 B
672 B 280ms
89ms XHR
text/plain 172.217.16.206
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.206 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 15 Dec 2022 10:25:29 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 437ms
419ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

a63cd466ee6309b4d51541877419b61da3751d573737ffacb94fa56ace48cb40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: kB_q-SabIK_aQ_CSFkZw2XI6ASPc8F2vgYtj99SpLt88QdUrXkJSUA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 425ms
414ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

bbb5a4c469366e8d14b8cc3f0f29b3a6241bed783541327325bb117928d88094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 169
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: rO6_C-QhdxTf_fvc1eaIPhezeu5eskrIRN5i7X8o9LwqyMiAfd87Uw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 430ms
420ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

112cd72024a6af4adc2d26add5d1ffc6e14d08d4663dc5279a922439fbf62601

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: yCj0GuFBCvyx2F3kxma4egawLft550A3NpaMduyiombw0Bm17iMKTw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 90903 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/ 11 KB
3 KB 119ms
112ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/livescore_season_fixtures/90903

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

c0522fef58474869160f515ea601add767324b623a881069f2f8d5a4cb75735a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-xcvoyzca
content-length: 2107
x-feeds-fv: feeds-prod-euc1-fvauto-06b6b469df1cbde1e
last-modified: Thu, 15 Dec 2022 10:25:14 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web09
etag: W/"d2491a48b4d277186b1d36181ac2df8dc87295e7"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=19
x-varnish: 161630899 163942940, 455120437
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 10:25:34 GMT

GET
H3 200 549886031832745 Show response
connect.facebook.net/signals/config/ 482 KB
142 KB 168ms
105ms Script
application/x-javascript 157.240.201.15
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/549886031832745?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams4.fbcdn.net

Software

Resource Hash

2d8d372e582ae453124c43619b5a104145cc9dfdc0c0704b42aa013258ed5294

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 15 Dec 2022 10:25:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: RsYAG1/Ouoo7lT5+TX3F/xwe0u07R8+qP53ejo9tGvB1jWo36Bh5zLZKEmc0B/AR48/CIxyEGcimXfXeEvQumA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L... Frame EA19 137 KB
43 KB 83ms
55ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.VmpoJv12XX4.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.2JXw2JXlFQI.L.B1.O/am=OgwAEA/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,FCpbqb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,RqjULd,U0aPgd,WhJNk,Wt6vjf,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,hhhU8,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI71F2Ap3hCO5aPqzf9cEl2BJ7hlqA/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;EVNhjf:pw70Gc;JsbNhc:Xd8iUd;NSEoX:lazG7b;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,Z5uLle,xQtZb,QIhFr,hc6Ubd,SpsfSb,MdUzUe,zbML3c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58080
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44105
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 23:55:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 18:17:29 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ 401 KB
160 KB 227ms
70ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onCaptchaScriptLoad&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Origin: https://www.thestar.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 23:24:25 GMT

GET
H2 200 34542891 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
766 B 162ms
152ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34542891

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

63e15e047eeb94f0762c3b88449177a185391d45e096651f15009359c74fe313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web4
content-length: 122
x-feeds-fv: feeds-prod-euc1-fvauto-0800b592b3d2cc731
last-modified: Thu, 15 Dec 2022 09:07:53 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web4
etag: W/"ef8c290a3e5d23e157263b931bfee1c3d708b3f4"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10787
x-varnish: 163176939 154630657, 2017238 2694251
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:08:05 GMT

GET
H2

200

34542891 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542891
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542891

955 B
988 B

97ms
86ms

XHR
application/json

95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542891

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

195cbca5cec4ae7864bf2df0af303348f82d032fcd111441bf62d5c352cce935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar03
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-cwsitukj
content-length: 345
x-feeds-fv: feeds-prod-euc1-fvauto-03107c6cc60dcf569
last-modified: Thu, 15 Dec 2022 09:09:05 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web14
etag: W/"21ff30f3f1e53b74c320e163feaf551d19e38c6a"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 514734018 514895091, 83972463 46212478
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:09:05 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-06b6b469df1cbde1e
x-sbe: feeds_zrh5_web3
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34542891
x-varnish: 430859218 430625186, 454117201
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34542893 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 128 B
769 B 161ms
151ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34542893

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

e1066abbe3e2cdfd9179a59518786b8d696b5496bf00f4431312adbd5895e914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-iwmuszgd
content-length: 123
x-feeds-fv: feeds-prod-euc1-fvauto-06b6b469df1cbde1e
last-modified: Thu, 15 Dec 2022 09:30:01 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web03
etag: W/"81913512efd56f484ff4a3f7200e8a21d162dfab"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 484604815 490284434, 453954323 436344864
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:30:01 GMT

GET
H2

200

34542893 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542893
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542893

955 B
976 B

104ms
102ms

XHR
application/json

95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542893

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

74b0ad1db45bdea5135d72b4b35b05178b062b7b08ed698d98885c2ec9ea7652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar08
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-narlgiqb
content-length: 340
x-feeds-fv: feeds-prod-euc1-fvauto-061d8a383e19ec0da
last-modified: Thu, 15 Dec 2022 09:33:57 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web04
etag: W/"68c26a25ca7503f53971fd64ec368505e1892594"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 432387566 426594371, 514166
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:33:57 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dergvdbg
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-0702724b472f58bef
x-sbe: feeds_web02
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34542893
x-varnish: 160784499 160475825, 26848594
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 34542895 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/ 9 KB
2 KB 162ms
154ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_bookmakerodds/34542895

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

062d2fd679c7aec2ea13b97fa6f36cf79d8cb5ab76b1ba346b89fae72de7e51f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-ixniufmx
content-length: 1643
x-feeds-fv: feeds-prod-euc1-fvauto-0800b592b3d2cc731
last-modified: Thu, 15 Dec 2022 09:26:33 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web12
etag: W/"a7835db850f37f4a5c178f5d7163a9b60eaf164e"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10796
x-varnish: 495165167 489953661, 1683954
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:26:36 GMT

GET
H2

200

34542895 Show response
uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/
Redirect Chain

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_iseodds/34542895
https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542895

955 B
991 B

93ms
87ms

XHR
application/json

95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/common/en/Etc:UTC/gismo/match_iseodds/34542895

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

d0cc33c469dabbeb53c5bf989ad5e171ed080f3f83dace48ab1e7b39717b1424

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar02
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 343
x-feeds-fv: feeds-prod-euc1-fvauto-091e045f0c2a65c75
last-modified: Thu, 15 Dec 2022 09:27:59 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh5_web3
etag: W/"dffbd8d16cd0d1653ed364725d57d435c30fa471"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 155611517 160040463, 176844871 157954742
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:27:59 GMT

Redirect headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar05
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web3
content-length: 0
x-feeds-fv: feeds-prod-euc1-fvauto-091e045f0c2a65c75
x-sbe: feeds_zrh5_web3
server: nginx/1.18.0 (Ubuntu)
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: /common/en/Etc:UTC/gismo/match_iseodds/34542895
x-varnish: 496475149 493870656, 183305167
access-control-allow-headers: origin, x-requested-with, content-type, accept

GET
H2 200 default Show response
www.thestar.com/api/overlaydatarule/ 72 KB
13 KB 271ms
245ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydatarule/default

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

3f87a595313e77268947908a86741a064f2ea6f88627996a22a9a1fe65443be5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"121dd-VwlL97Tp8wb4ekZHZEd+Jl8t3VI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: d9x2tpQxt90a-LzBB8SP5vRRxuKJ9aeX5N-OsrazC9I20JfCttRP4A==

GET
H2 200 34542891 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 99ms
91ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34542891

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

dbde35c04e1d7ee0a8392e1b2dd67888d7ac56bb6c05c3495ab73a279420e598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-feeds-dermpluc
content-length: 1950
x-feeds-fv: feeds-prod-euc1-fvauto-083910ed99d5f44de
last-modified: Thu, 15 Dec 2022 09:08:16 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web13
etag: W/"4d18b182097a94a2757abfc7106751ad95e8d303"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10782
x-varnish: 163056811 159738798, 334770459 307010101
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:08:33 GMT

GET
H2 200 34542893 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 93ms
86ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34542893

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

d9fa8b070033c051a13a771943f4cab9d628d351daf572aaa3c26083258710d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar07
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh5-web6
content-length: 1962
x-feeds-fv: feeds-prod-euc1-fvauto-03107c6cc60dcf569
last-modified: Thu, 15 Dec 2022 09:29:29 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_web_extra4
etag: W/"17c388c497878cca02fa6e11e187266bfeedeb6f"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10799
x-varnish: 509068722 510758523, 62224187 43263520
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:29:29 GMT

GET
H2 200 34542895 Show response
uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/ 5 KB
3 KB 96ms
90ms XHR
application/json 95.101.111.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://uswidgets.fn.sportradar.com/sportradarmlb/en_us/Etc:UTC/gismo/match_info/34542895

Requested by

Host: widgets.media.sportradar.com
URL: https://widgets.media.sportradar.com/torontostar/widgetloader

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.101.111.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a95-101-111-154.deploy.static.akamaitechnologies.com

Software

nginx/1.18.0 (Ubuntu) / PHP/8.0.20

Resource Hash

1d9a3cf93e6c58e17e0dbaa54a8b8b2726075d32777080a1e4cf241fc3e265c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:29 GMT
xip: 185.147.213.67
x-srv: fishnet-prod-feedsbackvar01
xyolo
xipx: 127.0.0.1
x-powered-by: PHP/8.0.20
grace: none
x-feeds-web: fishnet-prod-zrh4-web2
content-length: 2007
x-feeds-fv: feeds-prod-euc1-fvauto-087d94b72bb8a1487
last-modified: Thu, 15 Dec 2022 09:26:32 GMT
server: nginx/1.18.0 (Ubuntu)
x-sbe: feeds_zrh4_web2
etag: W/"27bd2c82cd93a772f16b045fcc94e867725fdf6b"
access-control-max-age: 10800
access-control-allow-methods: GET
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: date
cache-control: public,max-age=10795
x-varnish: 159148385 163879861, 49347244 51602265
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: origin, x-requested-with, content-type, accept, cache-control, accept-encoding, accept-language
expires: Thu, 15 Dec 2022 12:26:36 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 181 B
1 KB 421ms
419ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

5a861c45474aced0df646c7e469d8e72f9c41fe3605408f2f6e49d816d279774

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 170
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: TAjbbDix2fuecDC7ovOWllUq1nudf6xDwcFqahZe2SUy_g8azvURwg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame D984 43 KB
22 KB 195ms
79ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=elvah88epma3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

f5355920a63bf1427f9146b2a5e4f3864126dc4fdb12b46a0aa213a6726d832c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XeQSBrThdqpATbdIOFw0XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22867
content-security-policy: script-src 'report-sample' 'nonce-XeQSBrThdqpATbdIOFw0XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:29 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 3690.png
img.sportradar.com/ls/crest/medium/ 6 KB
7 KB 261ms
53ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3690.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
x-sbe: logos_prod_web1
etag: "5dd2a1b8-19d8"
x-varnish: 284881264 284775709
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6616
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H2 200 3700.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 261ms
54ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3700.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:49 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
server: nginx/1.10.3
x-sbe: logos_prod_web1
etag: "5dd2a1b9-1788"
content-type: image/png
x-varnish: 290640949 290213161
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6024
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H2 200 3692.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 266ms
58ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3692.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

092433010c83e4e157d859c0712053ad168b50d22fcc8095a7ef133e10cd3aed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
server: nginx/1.10.3
x-sbe: logos_prod_web1
etag: "5dd2a1b8-18e0"
content-type: image/png
x-varnish: 291844893 291762120
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6368
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H2 200 3679.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 308ms
101ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3679.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
server: nginx/1.10.3
x-sbe: logos_prod_web1
etag: "5dd2a1b8-170f"
content-type: image/png
x-varnish: 332541902 330071014
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5903
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H2 200 3685.png
img.sportradar.com/ls/crest/medium/ 7 KB
7 KB 297ms
104ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3685.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62: 8096267
strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
server: nginx/1.10.3
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
x-sbe: logos_prod_web2
etag: "5dd2a1b8-1a3b"
x-varnish: 309473903 307920132
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6715
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H2 200 3689.png
img.sportradar.com/ls/crest/medium/ 6 KB
6 KB 307ms
115ms Image
image/png 104.126.37.25
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.sportradar.com/ls/crest/medium/3689.png

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.126.37.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a104-126-37-25.deploy.static.akamaitechnologies.com

Software

nginx/1.10.3 /

Resource Hash

aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 15 Dec 2022 10:25:29 GMT
last-modified: Mon, 18 Nov 2019 13:50:48 GMT
x-srv: fishnet-prod-logos-fvauto-052a95080105bd4ec
server: nginx/1.10.3
x-sbe: logos_prod_web2
etag: "5dd2a1b8-17cf"
content-type: image/png
x-varnish: 308940562 309865849
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6095
expires: Fri, 16 Dec 2022 10:25:29 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame D984 52 KB
24 KB 57ms
57ms Stylesheet
text/css 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=elvah88epma3

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 08:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 08:53:15 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame D984 401 KB
160 KB 86ms
85ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 23:24:25 GMT

GET
H2 200 overlaydata Show response
www.thestar.com/api/ 71 KB
13 KB 246ms
246ms XHR
application/json 13.32.27.13
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thestar.com/api/overlaydata

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/static/vendors~bundle.chunk.js?v=ce10db47

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.13 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-13.fra56.r.cloudfront.net

Software

Apache/2.4.54 (Unix) OpenSSL/1.1.1n / Express

Resource Hash

eb0a3b6414dafcb1f62232ea03c34470af816bd8e10dfaca643a4e3958f9b102

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.thestar.com/?redirect=true
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: gzip
via: 1.1 99399b4523bd3370d7a592870d630ec8.cloudfront.net (CloudFront)
server: Apache/2.4.54 (Unix) OpenSSL/1.1.1n
x-amz-cf-pop: FRA56-C2
x-powered-by: Express
etag: W/"11acc-r/2J8xxKxT0G3fUVrEY/gh7sWyg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://amp.thestar.com
x-cache: Miss from cloudfront
cache-control: max-age=180
x-amz-cf-id: Go0FZSOlRzsSWaeDuHfPEwBnBcixcuppC3htOlkemrT_5iKcznNqnA==

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame D984 102 B
134 B 88ms
88ms Other
text/javascript 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb&co=aHR0cHM6Ly93d3cudGhlc3Rhci5jb206NDQz&hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&size=invisible&cb=elvah88epma3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 15 Dec 2022 10:25:30 GMT

GET
H2 200 B24540798.279406836;sz=1x2;ord=385389163553 Show response
ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/ 33 KB
13 KB 330ms
97ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=385389163553?

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

dcb6e3a0282c1a7737c3cb6274965cdae2670b58e1aa2dee99df14f66e53c353

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12549
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 72ms
68ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-57Q9DV2

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

ffa6bc06a926bc06781adabe7da85251076ce9db36a05500a78ada65760c9354

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39752
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 10:25:30 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 3632 7 KB
1 KB 132ms
122ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

eb30ce14583e2c7e1ad993d8b79d8672422b0f9814b8cf794b4e81900063575b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LP2173ENruUkAyPQakmV-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1115
content-security-policy: script-src 'report-sample' 'nonce-LP2173ENruUkAyPQakmV-Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 12 KB
5 KB 54ms
53ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC92631a6dea374f7f8c4e27bdaaf0a413-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:38 GMT
x-amz-version-id: icU0prKNdSsAh1p24BfPvBPSng6m6Buw
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"d98b7b1983b686f33b91cd0b48958bba"
age: 3173
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0fSSoDRyza3bpSzMSOSawpCRljzhir2w3XDpiJCRhioJPvjPCc923g==

GET
H2 200 load-cookie.html Show response
elb.the-ozone-project.com/static/ Frame 9982 12 KB
12 KB 68ms
66ms Document
text/html 63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=df84048a-7355-4612-88f5-e98dd000feaf&publisherId=TKN100000001&siteId=4204204311&cb=1671099927303&bidder=ozone
Requested by: Host: prebid.the-ozone-project.com
URL: https://prebid.the-ozone-project.com/hw/torstar/ozpb.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11885
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 10:25:30 GMT
expires: 0
last-modified: Tue, 13 Dec 2022 13:17:29 GMT
pragma: no-cache
vary: Origin

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 3632 52 KB
24 KB 56ms
55ms Stylesheet
text/css 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 08:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5535
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Dec 2023 08:53:15 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/ Frame 3632 401 KB
160 KB 58ms
58ms Script
text/javascript 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 23:24:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 163396
x-xss-protection: 0
last-modified: Thu, 08 Dec 2022 01:21:32 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 23:24:25 GMT

POST
H2 200 1009 Show response
n511.thestar.com/DG/DEFAULT/rest/rpc/ 6 KB
4 KB 155ms
154ms XHR
application/json 13.32.27.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n511.thestar.com
URL: https://n511.thestar.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-38.fra56.r.cloudfront.net

Software

- /

Resource Hash

88a2627da94b4cad8210d3c0e9acccfa07b0ba30cf07487ea7eb82b416de92ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 3d58896f901dbeed449603f5d2b4d9f0.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 2614
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: GafaY42AhtBzfKe_CFT3Cqvjvd_tAbvq0NpQNEZJ9S_G__RyA2Au5Q==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 cookie_sync Show response
elb.the-ozone-project.com/ Frame 9982 4 KB
5 KB 66ms
65ms XHR
text/plain 63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://elb.the-ozone-project.com/cookie_sync
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=df84048a-7355-4612-88f5-e98dd000feaf&publisherId=TKN100000001&siteId=4204204311&cb=1671099927303&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 682f0d891ecceaa6985893d840a78a2bb4c781330dc63ddbfcce5f98f5003eb8

Request headers

Referer: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=df84048a-7355-4612-88f5-e98dd000feaf&publisherId=TKN100000001&siteId=4204204311&cb=1671099927303&bidder=ozone
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:30 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://elb.the-ozone-project.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2 200 RC5e3aa078185a404a90c26089a206fc93-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
1 KB 53ms
52ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC5e3aa078185a404a90c26089a206fc93-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:39 GMT
x-amz-version-id: tTzBO9ztjedPSRHzgYMgkTKQwRpqAoRu
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"ae082f44e83d2a2465fdb5589d066b09"
age: 3172
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 7-EH-ZhhziB9du0tfRZh3_ckSPdE0MhStXKRy_LXl-uUoBJYkPLSCw==

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ 8 KB
3 KB 605ms
66ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=385389163553?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 11:00:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 11:00:27 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ 0
0 655ms
113ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstLr2gaJdMcpObqsPx4lkD0ISENAQ5q7T4Vmn44nPnUTAv1KOQoQuYbkJpzFP7xbOCFvLc0FzY7bGF3MdIpZSO0tNDob_NklxwEFaRN58rLi8nVP1Dc_7OYpZo4InN-iSTfhXcejv5z4XPg&sai=AMfl-YTNXQD1V0dJrHARROWcmxD_UVJdcCJLsPdaqVSwbtUtKnPEUF3oWZCrOD3WGctydNXRYaiJkApEcvTE3XraEg&sig=Cg0ArKJSzFcTnunfdK7KEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cisv=r20221207.00552&arae=0&ftch=1&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=385389163553?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 9982 43 B
106 B 532ms
54ms Image
image/gif 37.157.5.142
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
server: nginx
content-length: 43
content-type: image/gif

POST
H2 200 events Show response
pixel.thestar.com/ 0
117 B 691ms
179ms XHR
text/plain 44.207.211.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.thestar.com/events
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/549886031832745?v=2.9.90&r=stable
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.211.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-211-100.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.thestar.com
date: Thu, 15 Dec 2022 10:25:31 GMT
access-control-allow-credentials: true
content-length: 0
vary: origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 534ms
81ms Image
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=549886031832745&ev=PageView&dl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&rl=&if=false&ts=1671099930777&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1671099930770.238360820&eid=ob3_plugin-set_3af3637967a1a6a0e0ce1cafd8781700ba009835008b2f681f769f2cc0f92d09&it=1671099929217&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 15 Dec 2022 10:25:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 RCc150445a040d4802b87fe750d55df33a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 930 B
1 KB 52ms
51ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCc150445a040d4802b87fe750d55df33a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:40 GMT
x-amz-version-id: LLbdzoU8IH6aBDbHAvJ337P9hXg5FuWP
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 3171
etag: "de54ee6c26cc532e0031c549c77d95f3"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 930
x-amz-cf-id: DsZrduFc2m0tecETNgP5Vu1zQ0SUm8u2zhUN9k_lcp0u4aT0kNS5Ng==

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 3632 39 KB
24 KB 107ms
107ms XHR
application/json 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

39c4598078e4d82cfb06034810424d3662ddc0893891e57940134e7c1fe09206

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 15 Dec 2022 10:25:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24269
x-xss-protection: 1; mode=block
expires: Thu, 15 Dec 2022 10:25:30 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 560ms
103ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 18:55:37 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100147-IAD, cache-hhn-etou8220073-HHN

GET
H2 200 RC518669eb80134c629229b164ea843f63-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 2 KB
1 KB 53ms
52ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RC518669eb80134c629229b164ea843f63-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:39 GMT
x-amz-version-id: lVPKI3aJCc9CETzzwt.MGMwGBQ9OCnUI
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"868ac1f3a88fac9e89a6810379830058"
age: 3172
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: _3d-HXznPak2POVc3VKBINvBrpZCxaHfi0Kj7Z4bJtmTcxVXZQiqlA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
461 B 532ms
144ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=5028&u=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&pid=ElyOw5lQ4RlXh&cb=0&ws=1600x1200&v=22.1212.1511&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-large-homepage-1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-2%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-6%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-7%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-8%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-9%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-10%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-11%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-large-homepage-12%22%2C%22s%22%3A%5B%22134x170%22%5D%2C%22sn%22%3A%2258580620%2Fthestar.com%2Fhomepage%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c05282a87474a55ae2a8dd2aa77d1232.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: GVTD88AXXJ5HDZ4BRSDE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Kc5ySYEFoIPus99bIaD1Gnu2KK2t7-SswuCCHzDC5ocfFtxyoNIPog==

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3632 600 B
624 B 184ms
167ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 19:16:51 GMT
x-content-type-options: nosniff
age: 54520
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 21 Dec 2022 19:16:51 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3632 530 B
554 B 185ms
168ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:23:32 GMT
x-content-type-options: nosniff
age: 493319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 16 Dec 2022 17:23:32 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame 3632 665 B
689 B 186ms
169ms Image
image/png 142.250.74.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.195 Glen Cove, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f3.1e100.net

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/pn3ro1xnhf4yB8qmnrhh9iD2/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:58:22 GMT
x-content-type-options: nosniff
age: 55629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 21 Dec 2022 18:58:22 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3632 15 KB
15 KB 160ms
151ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 513026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 11:55:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3632 15 KB
15 KB 182ms
173ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:18:16 GMT
x-content-type-options: nosniff
age: 493635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 17:18:16 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3632 15 KB
15 KB 172ms
163ms Font
font/woff2 142.250.186.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f3.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 216252
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 22:21:19 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame 3632 26 KB
26 KB 112ms
112ms Image
image/jpeg 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AD1IbLCB6-LU_X2YHD4X_2EIbpAL37kJU0SJjQVdCyZeG3ew5xwwWdRdFTwFcHu1PeFMKtjUP8CkIOVF2UtoU4WjzlkQ21beIhsiyInC8wCu1d6LTWQ_TWS0wz1RPXNsexC2rywBJzRAVWJpg_s7pW-J4gpqTGHD_UbA1X_Eeh31NvbjgHE6xo6ekgrVgZ5KP0aDlcBntzgPhLFa4mJGMfhNYlck1p1yjg&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

c8cb02b101e2e9d5c698d957bbd43f45c5393d7e58ada105215d870405f700e9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=pn3ro1xnhf4yB8qmnrhh9iD2&k=6LfQHoEdAAAAAL5s61dvFv9OqGVkTXvovt4Ol1Sb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26813
x-xss-protection: 1; mode=block
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET 101995
dmx.districtm.io/s/v1/img/s/ Frame 9982 0
0

GET
H2 200 integrator.js Show response
adservice.google.se/adsid/ 107 B
792 B 260ms
74ms Script
application/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.se/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 693ms
45ms Script
application/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thestar.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame D96C 0
18 B 147ms
79ms Document
text/plain 185.60.216.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

185.60.216.35 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.thestar.com
Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.thestar.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:31 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 102ms
62ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:31 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 117ms
117ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

9eb05a571f8f5180079edba312001f70c535f1a7b0e7c9855c6ae940a1d95163

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71315
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 114ms
113ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

a31442e855e9446a36a7fccde1b08e0b29afd7f9eb74c890cb2ddf8b25d0d216

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44189
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
70 KB 97ms
78ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-698108511&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

1f7c1000f7412bffc29f54ce50c31c04442dcbed4432388f87840ae808be7eb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71303
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 111 KB
43 KB 100ms
75ms Script
application/javascript 172.217.16.200
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10230056&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P86MZHL&gtm_auth=6lA8dG63UaQ5ed3gQljsjQ&gtm_preview=env-2&gtm_cookies_win=x

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.200 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f200.1e100.net

Software

Google Tag Manager /

Resource Hash

b61fb4733600b39bf28ee5d0c50188d89bf5c9cd2261e004c3c2d85c71526c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:31 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44187
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Dec 2022 10:25:31 GMT

GET
H2 200 RCdd630314d8a144ce818cf865b37c1fd3-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
1016 B 118ms
49ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCdd630314d8a144ce818cf865b37c1fd3-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 315b703836da97c6a588734471bd908afc143a0b6b812ef09784099f5826399c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:40 GMT
x-amz-version-id: lPMxlcvyIOBRkarIYLdElVfpHi9PPHWe
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"6dae72e5e8b4818aa95731b9a879be90"
age: 3172
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 51emamdJ0GZsg8QCvg7ANpuLBD5lNgABP0TulYzW-zODieke4bjl3A==

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 60ms
60ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:31 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 308 KB
56 KB 1196ms
1194ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2499574925828476&correlator=3018772931653437&eid=31071094%2C31071295%2C31068366&output=ldjh&gdfp_req=1&vrg=2022120801&ptt=17&impl=fifs&iu_parts=58580620%2Cthestar.com%2Chomepage&enc_prev_ius=0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2%2C0%2F1%2F2&prev_iu_szs=1x1%2C728x90%2C300x250%7C300x600%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C728x90%7C970x250%2C300x250%7C300x600%2C134x170%2C134x170%2C134x170%2C134x170&ifi=1&adks=2173569469%2C1887631228%2C1330620275%2C3893840796%2C3893840797%2C3893840798%2C3893840799%2C1330620276%2C2480448003%2C4090677273%2C4090677272%2C4090677279&sfv=1-0-40&prev_scp=pos%3D1%26refresh%3Dundefined%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D3%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D4%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D5%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D2%26refresh%3Dtrue%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2%7Cpos%3D1%26refresh%3Dundefined%26polarAdDisplayType%3Dwith_column_image%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=permutive%3Drts%26tkspo%3D18%26env%3Dbeta%26gs_channels%3Dpr_ts_pl_nws_lctns_cnd_ntnl%252Cts_pl_nws_lctns_cnd_ntnl%252Cgs_politics%252Cgs_politics_misc%252Cgt_negative%252Cts_pl_nws_lctns_cnd_prvncl%252Cgs_sport%252Cpr_test%252Cgs_business%252Cgv_crime%252Cts_sprts_tlvsd_gnrl%252Cts_sprts_tlvsd_smmr_lympcs%252Cgs_sport_soccer%252Cts_sprts_ctvty_bsktbll%252Cts_bz_ndstry_gnrl%252Cts_sprts_ctvty_bsbll%252Cts_tch_cmptng_ntrst_gnrl%252Cgv_death_injury%26referrer%3Dunknown%26environment%3Dproduction%26cutpoint%3Dlarge%26subscribed%3Dno%26registered%3Dno%26key%3Dhphub%26prmtvsdk%3Dweb&sc=1&cookie_enabled=1&abxe=1&dt=1671099931727&lmt=1671099931&dlt=1671099922407&idt=4000&adxs=0%2C436%2C1059%2C436%2C436%2C436%2C436%2C245%2C244%2C528%2C812%2C1096&adys=0%2C0%2C987%2C3988%2C5596%2C7329%2C8708%2C2282%2C4156%2C4156%2C4156%2C4156&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&frm=20&vis=1&psz=1600x0%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&msz=1x-1%7C1600x-1%7C300x250%7C728x90%7C728x90%7C728x90%7C728x90%7C300x250%7C260x0%7C260x0%7C260x0%7C260x0&fws=0%2C512%2C512%2C0%2C0%2C0%2C0%2C512%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=992549094.1671099927&ga_sid=1671099932&ga_hid=2015298163&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

961734a1ad6f2cb695cfee32126bfb9f5ccb7bc6acf97b5691052209c2c9a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57391
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1,-1,-1,-1,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 279ms
111ms XHR
application/json 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

2f7f3c94b425efd4c72918d6a824d3e6d58313eaeb92d1d5c0c66f35ea941b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12508
x-xss-protection: 0

GET
H2 200 container.html Show response
a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 827A 6 KB
3 KB 403ms
64ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Fri, 15 Dec 2023 10:25:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 9982 0
239 B 520ms
130ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 s13323102867958 Show response
s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/ 43 B
329 B 67ms
63ms XHR
image/gif 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.thestar.com/b/ss/torontodnnlocal/1/JS-2.23.0-LCXS/s13323102867958

Requested by

Host: resources.thestar.com
URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/hostedLibFiles/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Fri, 16 Dec 2022 10:25:32 GMT
server: jag
etag: 3588659779535896576-4619854393038154028
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.thestar.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Wed, 14 Dec 2022 10:25:32 GMT

GET
H2 200 adsct
t.co/1/i/ 43 B
377 B 373ms
164ms Image
image/gif 104.244.42.197
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=231a704e-dd67-4923-85bc-73e74c8ce3af&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=65b06710-5565-401d-ba40-5597f44ea260&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.197 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 110
date: Thu, 15 Dec 2022 10:25:31 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6faf7734c10c8e1d
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 9e9af83ab3d7110450617a2d419df0daaf5c49636c9994b4cdc18c5c9fde2fd6
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 367ms
159ms Image
image/gif 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=231a704e-dd67-4923-85bc-73e74c8ce3af&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=65b06710-5565-401d-ba40-5597f44ea260&tw_document_href=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tw_iframe_status=0&txn_id=nuz9l&type=javascript&version=2.3.29

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time: 104
date: Thu, 15 Dec 2022 10:25:31 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 4ae69713c62161b4
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: a58e6591e2e29ae283fc962919230d0106136d7f42c4f3f63707baaa15504267
content-length: 43

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 543ms
156ms Script
application/javascript 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
x-cdn: akamai
etag: "8d9d0550c915347e312e24f00d311e50"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
content-length: 1146

GET
H2 200 RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 981 B
1 KB 94ms
33ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCcf6c41d85a5d48ecbc8941416ef1057a-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:40 GMT
x-amz-version-id: Umo_fci4feKEZVe9B60TnG8TCx2.ZiQ5
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 3173
etag: "3a4139048c3bdca88df9171ccecd6b34"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 981
x-amz-cf-id: Gn7gc4foBz0SZhcwH805nnCibmarZxG8uXARQKWvOUvSaFCwRk_YKw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/ 2 KB
2 KB 425ms
136ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/698108511/?random=1671099932167&cv=11&fst=1671099932167&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&auid=2007690682.1671099932&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-698108511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

734330c7274b200adef4f848d98a1b35a8f6a8ef4ace4d7f3d5f7e323da79c02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 921
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue Show response
10230056.fls.doubleclick.net/ Frame 1EDA
Redirect Chain

https://10230056.fls.doubleclick.net/activityi;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww....

408 B
258 B

250ms
112ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10230056

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

75403ea985ed1a051c8219f35940f43d9865fdc2f0ba7ad913945475e7ddb854

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 233
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Thu, 15 Dec 2022 10:25:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 396ms
113ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:25:32 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 350ms
81ms Script
application/javascript 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Thu, 15 Dec 2022 10:25:32 GMT
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 61A62894C4B6457C82954A35DE4EFBD7 Ref B: STOEDGE1511 Ref C: 2022-12-15T10:25:32Z
etag: "027e538cd8d91:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11472

GET
H2 200 RCfc98541866c44adc8969609b572bc808-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
949 B 234ms
55ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCfc98541866c44adc8969609b572bc808-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:40 GMT
x-amz-version-id: dK5kdWSZuCnjPfei.svG1LKr.vEWlFmr
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"71bba86a6ad2931365ec57c49caf3c37"
age: 3173
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 1eAzrLKpPBvu18A3hsPguMTbjZuhOdfyrEQMHasdHvwwDAbKfpI8aw==

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame E33A 15 KB
6 KB 259ms
63ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: elb.the-ozone-project.com
URL: https://elb.the-ozone-project.com/static/load-cookie.html?gdpr=0&gdpr_consent=&usp_consent=&pubcid=df84048a-7355-4612-88f5-e98dd000feaf&publisherId=TKN100000001&siteId=4204204311&cb=1671099927303&bidder=ozone
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://elb.the-ozone-project.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=163677
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:32 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Sat, 17 Dec 2022 07:53:29 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 1017 B
658 B 234ms
65ms Script
application/x-javascript 2.16.238.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: gzip
last-modified: Wed, 14 Dec 2022 19:04:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=31169
accept-ranges: bytes
content-length: 490

GET
H2 200 RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js Show response
resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/ 1 KB
985 B 76ms
51ms Script
text/javascript 18.66.97.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.thestar.com/cf7f3d5747a0/cb6b77270cd8/6f0aff617faf/RCe46cbcc54abd406cab4e76bfe42b5d04-source.min.js
Requested by: Host: resources.thestar.com
URL: https://resources.thestar.com/launch-EN5e55511c260e4c0cb05872ba3729b255.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-65.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:32:40 GMT
x-amz-version-id: rH8DhspXUcrvceqJNos4Q540uL6QMUJI
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 09:31:58 GMT
server: AmazonS3
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/"fee1d732b28d479f644a693f2b34ba2f"
age: 3173
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: s7P6_Oxfwgh8Yu_mZd54eAP2YcEviFvU-kwzaNzndMhjT9WZ6xlU7w==

GET
H3 200 /
www.google.com/pagead/1p-user-list/698108511/ 42 B
64 B 173ms
89ms Image
image/gif 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/698108511/?random=1671099932167&cv=11&fst=1671098400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4070385370&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/698108511/ 42 B
64 B 367ms
96ms Image
image/gif 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/698108511/?random=1671099932167&cv=11&fst=1671098400000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&tiba=The%20Toronto%20Star%20-%20Breaking%20News%2C%20Toronto%20News%2C%20Ontario%20News%2C%20Canada%20News&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4070385370&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.js Show response
www.redditstatic.com/ads/ 25 KB
8 KB 272ms
87ms Script
application/javascript 151.101.1.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.redditstatic.com/ads/pixel.js
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: snooserv /
Resource Hash: 4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
server: snooserv
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag: "3528fd00b652f61a266eb584d96f4fcc"
vary: Accept-Encoding,Origin
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type: application/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 7722

GET
H2 200 main.9a94ee76.js Show response
s.pinimg.com/ct/lib/ 58 KB
21 KB 260ms
199ms Script
application/javascript 104.84.56.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

akamai-x-true-ttl: 1209600
content-encoding: gzip
x-cdn: akamai
etag: "e43867aadc515024dd460d8611098a12"
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=1209600
accept-ranges: bytes
content-length: 20728

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame E33A 2 KB
3 KB 355ms
128ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=63168448&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 5ca97d6a98c54f623914b3d9cadbebea52e6c9fb99426d16eaa84ac571eb4025

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 13008914.js Show response
bat.bing.com/p/action/ 0
118 B 254ms
244ms Script
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/13008914.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Thu, 15 Dec 2022 10:25:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7FAE53EE90EE41E0BED138C6023CDB50 Ref B: STOEDGE1511 Ref C: 2022-12-15T10:25:32Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
174 B 158ms
157ms Image
text/plain 13.107.21.200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=13008914&Ver=2&mid=8fa55e52-2f50-4038-8f62-3aa78698f7e0&sid=ce49aac07c6211ed956df9adb7a9a0d8&vid=ce4a21c07c6211edad309764e1ff9ee9&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=The%20Toronto%20Star%20-%20Breaking%20News,%20Toronto%20News,%20Ontario%20News,%20Canada%20News&kw=thestar.com,%20the%20toronto%20star%20newspaper,%20the%20toronto%20star,%20world,%20sports%20news,%20GTA,%20Toronto,%20Canada&p=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&r=&lt=8144&evt=pageLoad&sv=1&rn=483558

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 15 Dec 2022 10:25:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 1FB52111449A4AC1A11C3381B4F05EF1 Ref B: STOEDGE1511 Ref C: 2022-12-15T10:25:32Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 702D 13 KB
5 KB 341ms
82ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 513
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:17:00 GMT
expires: Fri, 15 Dec 2023 10:17:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3728 783 B
534 B 132ms
131ms Document
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f4.1e100.net

Software

GSE /

Resource Hash

047bbd033f518da9326f5f7c4e9b1bcb42d50ba17baec2442fdcbd639decafcd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CepwCVqUsGuRhdQmA2xayA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-CepwCVqUsGuRhdQmA2xayA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Thu, 15 Dec 2022 10:25:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 104ms
89ms Script
application/x-javascript 2.16.238.147
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.238.147 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-238-147.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:32 GMT
content-encoding: gzip
last-modified: Tue, 13 Dec 2022 16:10:50 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=12360
accept-ranges: bytes
content-length: 4581

GET
H3 200 dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
adservice.google.com/ddm/fls/z/ Frame 1EDA 42 B
63 B 389ms
153ms Image
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=*;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue

Requested by

Host: 10230056.fls.doubleclick.net
URL: https://10230056.fls.doubleclick.net/activityi;dc_pre=CP229q60-_sCFUMRGAod2VsHNg;src=10230056;type=ret01;cat=land01;ord=649743520430;gtm=2odbu0;auiddc=2007690682.1671099932;~oref=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://10230056.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3728 0
0 348ms
143ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120801&jk=2499574925828476&rc=05AGDUI8CcyRbG3sW1iORIp4ajMPf7-eLHIs10XxQ17bCxXx55EcP91BQTKdJvFlLtc3hJPjK_pmGYx-npsxgy0j-XRKaMJ7bQE1QG-y-zNBHuiTwmMvY87yltyfO1Z25HcBmdl9Hc54yPU45H0oXVaM4IvxtFI17vSenqoYDsBEj6P4ZInT42Wg
Requested by: Host: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
604 B 301ms
133ms XHR
application/json 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/user/?tid=2612846434758&cb=1671099933000&dep=2%2CPAGE_LOAD
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pin-unauth: dWlkPU56QTJZV05oTkdVdFkyUXpaQzAwTVdaaExUZzROREV0WlRVMU5UazBNMkZrTnpFMQ
pragma: no-cache
content-encoding: gzip
referrer-policy: origin
date: Thu, 15 Dec 2022 10:25:33 GMT
x-cdn: fastly
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thestar.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1830163019146051
content-length: 377
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 rp.gif
alb.reddit.com/ 42 B
157 B 297ms
134ms Image
image/gif 151.101.129.140
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alb.reddit.com/rp.gif?ts=1671099933006&id=t2_kcsr8bo&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=b64cb375-79f4-4031-94a6-60408721ac6b&aaid=&em=&external_id=&idfa=&integration=reddit&opt_out=0&sh=1600&sw=1200&v=rdt_1967aea8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
via: 1.1 varnish
server: Varnish
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 42
retry-after: 0

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ 36 B
375 B 66ms
65ms XHR
application/json 65.9.66.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-56.fra56.r.cloudfront.net
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 15 Dec 2022 09:36:50 GMT
content-encoding: gzip
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2923
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: IhDdrEaABYioFMA8U4P9SRqyc5GoRneO4aXA51-fTvPJqStOMfTi_g==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3116868%26time%3D1671099933014%26url%3Dhttps%253A%252F%252Fwww.thestar.com%252F%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true

0
159 B

208ms
188ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 6A768293BC08405FB1A7305491A8C9EA Ref B: STOEDGE1113 Ref C: 2022-12-15T10:25:33Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXv20Xu3AZtdSKpbGG/ZA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com onyx.www.linkedin.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Thu, 15 Dec 2022 10:25:33 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXv20XrGmgcFadD7cZnIA==
pragma: no-cache
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 84D8B8BF40AD4123B2D5F14542E73E88 Ref B: STOEDGE1113 Ref C: 2022-12-15T10:25:33Z
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options: sameorigin
x-li-fabric: prod-lva1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3116868&time=1671099933014&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
247 B 277ms
132ms Image
image/gif 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ct.pinterest.com/v3/?tid=2612846434758&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%229a94ee76%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1671099933023
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
referrer-policy: origin
x-cdn: fastly
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1248747872040143
content-length: 35
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 token
cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/ Frame 0
0 221ms
62ms Preflight 65.9.66.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/3116868/domain/thestar.com/token
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-56.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 1800
age: 33289
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Thu, 15 Dec 2022 01:10:43 GMT
via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
x-amz-cf-id: ExPmC_XO6hCBOEkwwAoncOCgJJwyfhVEtG-XQZpNL-vpeQdzcGeJcg==
x-amz-cf-pop: FRA56-C1
x-cache: Hit from cloudfront

GET
H3 200 container.html Show response
a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3F1C 6 KB
3 KB 198ms
69ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Fri, 15 Dec 2023 10:25:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DD2F 6 KB
3 KB 153ms
73ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Fri, 15 Dec 2023 10:25:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 58E9 6 KB
3 KB 122ms
72ms Document
text/html 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120801.js?cb=31071295

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:32 GMT
expires: Fri, 15 Dec 2023 10:25:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame 9BE9 565 B
403 B 72ms
72ms Document
text/html 151.101.128.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ct.pinterest.com/ct.html
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.9a94ee76.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.128.84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Request headers

Referer: https://www.thestar.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Thu, 15 Dec 2022 10:25:33 GMT
referrer-policy: origin
x-cdn: fastly
x-envoy-upstream-service-time: 0
x-pinterest-rid: 5727663800205700

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B265
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent=

568 B
642 B

63ms
54ms

Document
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Thu, 15 Dec 2022 10:25:33 GMT
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Thu, 15 Dec 2022 10:25:34 GMT
Expires: Thu, 15 Dec 2022 10:25:33 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 180 1fd3e2d master nrt-pixel-x3 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 5A61
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8511140874028250531

42 B
415 B

439ms
69ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8511140874028250531
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 10:25:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8511140874028250531
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5634 43 B
363 B 209ms
67ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:33 GMT
expires: Thu, 15 Dec 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 512232
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 90A0
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

225ms
224ms

Document
image/gif

67.220.226.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.226.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 15 Dec 2022 10:25:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: JN0ZKB4QED5MD0XPM1VS

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 15 Dec 2022 10:25:33 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=3F61B126-3179-485B-B7DE-131989465663&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: SG9ES64S9DAKYV9Z6AJZ

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 69FA
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4818220284326262611&gdpr=0&gdpr_consent=

42 B
446 B

492ms
62ms

Document
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4818220284326262611&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 10:25:32 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

AN-X-Request-Uuid: 3b2ae351-4558-49da-b8a6-cbf06a1ce7b0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:33 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4818220284326262611&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 185.147.213.67; 185.147.213.67; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E33A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=P2GxJjF5SFu33hMZiUZWYw%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

15 KB
15 KB

83ms
60ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=163676
accept-ranges: bytes
content-length: 5549
expires: Sat, 17 Dec 2022 07:53:29 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame E33A 95 B
382 B 209ms
75ms Image
image/png 104.22.24.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=3F61B126-3179-485B-B7DE-131989465663
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 779e79d8bbc10a28-ARN
access-control-allow-headers: *
content-length: 95

GET
H2 404 qmap
sync.crwdcntrl.net/ Frame E33A 49 B
266 B 245ms
30ms Image
image/gif 52.49.181.242
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3F61B126-3179-485B-B7DE-131989465663&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.181.242 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-181-242.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.153
content-length: 49
expires: 0

GET
H3

204

cr
cr.frontend.weborama.fr/ Frame E33A
Redirect Chain

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=41730642

0
16 B

196ms
109ms

Image
text/plain

34.111.129.221
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=41730642
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H3
Server: 34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 221.129.111.34.bc.googleusercontent.com
Software: Weborama Collect Frontend /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
via: 1.1 google
last-modified: Thu, 15 Dec 2022 10:25:33 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:32 GMT
via: 1.1 google
last-modified: Thu, 15 Dec 2022 10:25:33 GMT
server: Weborama Collect Frontend
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location: https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=41730642
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame E33A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0Y2MUIxMjYtMzE3OS00ODVCLUI3REUtMTMxOTg5NDY1NjYz&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

549ms
70ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 10:25:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

502

Pug
image2.pubmatic.com/AdServer/ Frame E33A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB3lbQbBbHLSp4pQGCW4zGE&google_cver=1

0
0

550ms
62ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB3lbQbBbHLSp4pQGCW4zGE&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB3lbQbBbHLSp4pQGCW4zGE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame E33A 43 B
610 B 205ms
69ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 14 Dec 2022 10:25:33 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame E33A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8075392156318716458

42 B
298 B

457ms
64ms

Image
image/gif

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8075392156318716458
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Thu, 15 Dec 2022 10:25:33 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8075392156318716458
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E33A 70 B
265 B 321ms
97ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 702D 36 KB
16 KB 69ms
64ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153644
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 921B 0
16 B 493ms
89ms Document
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnsJBC_m8_xAxjEsenRATAB&v=APEucNUdrIN8jxatuW6m5l1fHylLm6h5VvDa0E6hKmXbFWdsjFDgpKc8RivbdbPHtReBwtvCccAGg6xIXzTHAcR8DcYSPLIjVA

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 58E9 23 KB
9 KB 126ms
70ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 05:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16804
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 05:45:29 GMT

GET
H2 200 5905139220302703391
s0.2mdn.net/simgad/ Frame 58E9 47 KB
47 KB 511ms
66ms Image
image/gif 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5905139220302703391

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

9047e2cfbd474818326eedd41d9b9bb75061d019c09e55c03ae65a3e2e30448f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 19:58:28 GMT
x-content-type-options: nosniff
age: 484026
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47867
x-xss-protection: 0
last-modified: Tue, 23 Aug 2022 14:28:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 19:58:28 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 58E9 6 KB
2 KB 135ms
80ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 17:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 60771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Dec 2022 17:32:42 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58E9 0
0 302ms
121ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstW9YroVcy15xd9Au8cwSEpMfpJ2_VnO8CTinWL-ry9vE8m4oPCl8ASOX0glQagUhsREE1miMSfqWbZUZ_hfYm7LEIcHNLO5j_Dt6e8HPFDMdTob26Gl53iK-vSOaXd_hSBK3JNlqIoFaMcXf_qaAJLDJ__Nm7slAMJ6r5TXHxmVeF2FD9fcZZYVYupEO2-Vi9qH6xLt7FwY5h6pST0FZ-tNtz2qD2OKvBWRSmxTGiSAr0vVb1YdOtOrEDvJi9Qi_ESdNqGxUkNAGNOAtU_DvPbL1K4IlQ_JJtkCZLCqQLb2GSXnOAbxxLnPiQQ6nuCoSrttor0SAxZpOt2SWvSmf8wutHxK2C0ZtFsauJsAF457inSNHgJ4QhUnVeVfXEZtEYxA1T8S1ekCiOfaJUoqzdV7oAC1voPVhzdQ0D5veTA9Ja8K00WTu9VBg3OQ9cx-iWjSkJKULgGCvGIxgfo5Jbde1JxZi1pUDhQKhsoHPiDNQkKQGkSnO061nlYwwes8Djaz_aR6Xz8nCaVqPlYfwoGjiuPByETQwE5iT8WJg8hIjC-2muYBeZA0AhV82v1MQyYAwLm97UPkb5LG1PWKvzWJyOqXn-jb_0DC27vXDgpSNBtA3Jn66UFL7etTjfm7kZRtQtICkjOF-pxOsMx_0Tp4KnnWg-ke2Oc1diLdNYRCt3y5JP4UjDzu40pLRGxwmmf8RM5FOJsm14vdU8HStGQgCswCCmmPUpm5K1G4LMa1xyQ-LVjrFqa0LnQaCkvDc4RQuHoo_uIqpHU6unyAFUmiQbBa6eMHD31Zi9DPIXUZIKYMmrGVOfStzqgxkk3L_dGYcmQFKliNfRJrKEExAhz1oMLydOgooDns9_lCDFIzLdLXFRxSlmjZVIHj_oDBpRUftp9-kJmPILs4rOxihPs5Z6Q4bfw3yyvvz9BZBVfzQNZlxuWRXW4buzaQHJLnNK3OqR_EZIdkv8UoDIJHqlrVjrpL4IldtF8Lb4KtLLjmRi16Mu27U9_suTb0NjkLVbwAPRqaZCBB1WCzmPDx5a_qOFghBbn63M_X-rHMaKW3QPQub7dgUxx5_9Lr5XMDfgamfIL-bm211DMd1uFJr_DRHaYN05PfcxG0o65khwq2cwI6qS1mP_LX5eYK1DHrtenOtzlHCkoCWmcuj6OOGdWUUOKXv0eKU7ZsyuaiHMRbIbjAa-z3aOYiIqyJgL1XpjYFr47DJfTbV6q3Q&sai=AMfl-YRs5-ZrvTjQupdpYPHfIev3KsCLWQNDLKqFzuwkZvv-H1nW9Se5KZITQuh5raJ-_fyDDvpP_IeakQge732d91Dv0Q9RlZyA_TSxzcKxK-Tf_AYm6rP3avUc1pRkkL3iy59-_biw2JWyLuuV_e-eV6cNSg2ur7e5mKZ1CDtE7VPBWddDav6ih8L0IfmZTEKPLRy2TRJXabvQs5kNKhrmb-eaju5Hz9kkYJpbgtJqKUhF0Xl1UYqvrXlgMSWB46P0DQ3ulV330zBsD4avQE-vhQDV5pDMj3cxdUYtLPk7up8XZ-Q-d2UUU8uZ3iGZ9t40mJ2vbS27uDpcXrTxdz5B6pjqoPt3_2XHaPZnPs5Dca4H08lkhqomDJFVSg7MkkQIZjjg0h-Wh9LLMWFZ4siDag&sig=Cg0ArKJSzHePnfq4IPN6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20221207.41433&arae=0&ftch=1&adurl=

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 15 Dec 2022 10:25:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 10:25:33 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 58E9 41 KB
15 KB 123ms
81ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:24:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Dec 2023 09:24:44 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 58E9 42 B
63 B 178ms
136ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWr19QabdnMnSVsucNRS6LampOGtyoGYIoZfj257bbxL26PzMRfRgzZwrsbViM0cxWNsg7PFccJrnzCN7HS2Moh541k-1OnoASA_BQK7scVXHv5_Q

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 58E9 3 KB
1 KB 261ms
214ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 10:17:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 58E9 18 KB
7 KB 124ms
77ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 09:24:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 58E9 0
0 124ms
78ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGCqoFbRpxwLGQBMaMXl-w6SQeD9994y3p3JIKyBcDTDrigOBK51-Q0Pjl91HYP3fLf9A_
Requested by: Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 58E9 153 KB
47 KB 381ms
184ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:25:33 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 58E9 23 KB
9 KB 173ms
126ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 09:24:42 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DD2F 0
0 163ms
143ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CnTh0HPaaY8ZzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEmQJP0FWBSoZFIYYE9kiSFOAZuTmFU0BYQr7-E9layAc0e1KMHI549tSFSXKxXQ4-HbpSqjXTksJCfygDYxCoyv3eJp5R9VvTpdjI1nG3FFJ201JgmJFcOpKEitb4o7XDek6DPFUCktqDVlYJb4Goh45tdrRzyjzJmLvcORHRWfJ7z4JrOLYz0aEcz4MVHCEivXwupeQQYLMFu3f4TzH2uvZmX-FrW4uBQHAMyotxKQYNS_7m4bIe2G0K-tG44UP2-RiRgti5YYmdN-L2UcjSClDPG1Mx0EKNqpIMeQ6hxj-xFPUqop-kii3z72RyUX-IHwZ5HaYUxrjUVbBnJwcNc64ASq0eCKUjZNrGlmalryRac_sN6V0V39AXb-AEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=xapA-W8EqAA&uach_m=[UACH]&cid=CAQSOwDq26N9GFmvTHXGPVDpcJEwS6XXaJDykBKA6aOWqx1uvdsDoVWwP6YmFyj3HysUcFvF8ON6XUO4CzhzGAEgEw
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame DD2F 0
0 468ms
68ms Fetch 178.250.0.129
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k-fnDeHVC6wC2ASdg2ICAgAAACJKZIV_0s-Szv-shSCbaOUQG_aaYzgze-anQtRU_TZ7ABIAAA&wp=Y5r2HAAAOcYKd8CBAAYqrT3DCwtVzHbmylOoIA

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.129 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 196219
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3283 212 KB
57 KB 670ms
269ms Document
text/html 178.250.0.138
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcYKd8CBAAYqrT3DCwtVzHbmylOoIA&u=%7Cv18m8cqjo2DCyhdJm%2BSX0X9tuEve0jHDpZh%2FFXg%2FKNA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7aefLcYI_J1xv1q1bpt64V1zgX5YlB95IUpUFMG9n6QN16Y0F7wLJ_LdY325Zfyzgfud4RrxhP6wzzfe3TY70GKtEoAoESn7ezudsS27tI0jxGyCMDqhfzDCb24URpljTFrpJO7hbbzjtWzscq98HqVCpsA5c6rMsAJc-lUI0F0uAQ1mSv8swi8BG9tR3ojgkY2XrYv8LMLCF2rZCHihNlGR7GxSNO42nZAbz5Mot_AEQvdxnstn6_-mpl3FbpwerRGw-s2xn1k57S8s5BCtQXmF6OyikZV6OzjL9lN97ew_EenrxJQ4a1P_N2BdFivoE3CMAOj4-UFPdtzraLk5YlVWHC73iO4clRZz_xHnMOu4McgK6-8LhGtw0i5HBL3pik4gLHoS3_DWxm4z3rlxLOVfQtXITDoSMoFpuB5CGYqyEWASbPjJUVjB_47p9LgjydWWd5KAz16EV-1u0lNoY2VDOt2jbXOE3DhvSrUAb9fSkpx5tNmJOoOJ97XKJZfXFgEm47QUIDiu2Z66mpYuKz7KoMgFxuWTC0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHbmHPaaY8ZzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0FWBSoZFIYYE9kiSFOAZuTmFU0BYQr7-E9layAc0e1KMHI549tSFSXKxXQ4-HbpSqjXTksJCfygDYxCoyv3eJp5R9VvTpdjI1nG3FFJ201JgmJFcOpKEitb4o7XDek6DPFUCktqDVlYJb4Goh45tdrRzyjzJmLvcORHRWfJ7z4JrOLYz0aEcz4MVHCEivXwupeQQYLMFu3f4TzH2uvZmX-FrW4uBQHAMyotxKQYNS_7m4bIe2G0K-tG44UP2-RiRgti5YYmdN-L2UcjSClDPG1Mx0EKNqpIMeQ6hxj-xFPUqop-kii3z72RyUX-IHwZ5HaZWxJlG0j_7NLiRZw3QdwvmAbEp0tDojuQRZxn8gUQTxUWQdVQE0HUs6uAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18BdWzaUmn4dZH76MKz8r0J3iRxw%26client%3Dca-pub-8188431425509997%26adurl%3D

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.138 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4568aa9f2365949b19889d2edad0a33ec6aefdbed4b7c2698a2aaa12509656b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qQrUbGNK0I6-MQ0BVE3p5jb4MvL5e1VgHhxgv4FMCAcwRxDE87UOAd2n8Dz2Lnlk5vijZ28dlmhobCxw2yhxP1JGJWLN3JH5mnlYbIh0f7doQW_bc5XY-qiV-G7P3ctFmCggkIzaLHsE_pPOqNsKeaqlx_wO6KvBm30USDPnf2Jyy2GsaAouwQl5Vj9bid5iyEQVl5uKShEOOKVhJRRyGkMcQfp-4m0sUMZICbkzJ-hdLJ2drz8FuFdQnak2jRKqly9CKQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 130886721
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DD2F 3 KB
1 KB 232ms
213ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 10:17:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame DD2F 18 KB
7 KB 166ms
147ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 09:24:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DD2F 0
0 140ms
121ms Image
text/html 142.250.186.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSPQQSllBTHSb5nHzWLtzAX0yTSI3IYqH7iskLComDjKTefRWBKOVXI3jym6aZ3qKucQwU
Requested by: Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.68 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DD2F 24 KB
6 KB 165ms
148ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DD2F 153 KB
47 KB 250ms
87ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:25:33 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3F1C 0
0 159ms
143ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Czd4MHPaaY8tzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEmQJP0Jsz1p_-SvkFjAC9iXaZZgCIZD1dJbS_43xIswfzIsrYeSKRAAMvVyDTtnqHp2U1sEMY8kU7Jw86bZ4M0VCO2Tzs_0oNGX5tkjJvMVpuG80FVvNFjIuKvvKncs1KMGXRD-80uyj3aZXoEHjWHCsKB3GIiQDvLYNbOWoz9zXHlWV0VGSpFTLT6G3BH-vpIUUH1QuCPYu735w34bhPO16VYzXNdjb3eS9raVNoLx5WhEuzUxaINE4eDp7TrDViK8Tlj3ReJeNZCyGr9jNzLLLonk_xZ865i0sHlqQ7KaT9ytWw4gXVy7dkxxoF1aoUd7pVw_Q6QvqtS6IDv0hHf_CMPjwcN-tmvSSdSRnzS4eX0yXC0-d-Qv945eAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODE4ODQzMTQyNTUwOTk5NxiUmRQ&sigh=1UB4p272eSY&uach_m=[UACH]&cid=CAQSOwDq26N9GFmvTHXGPVDpcJEwS6XXaJDykBKA6aOWqx1uvdsDoVWwP6YmFyj3HysUcFvF8ON6XUO4CzhzGAEgEw
Requested by: Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3F1C 0
0 454ms
61ms Fetch 178.250.2.129
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=k-fnDeHVC6wC2ASdg2ICAgAAACJKZIV_0s-Szv-shSCbaOUQHPaaY0-hxcr7iiGe1p_MABIAAA&wp=Y5r2HAAAOcsKd8CBAAYqrbRSWd_w3lq1LDJnkw

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.129 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 212746
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 34E9 140 KB
48 KB 543ms
151ms Document
text/html 178.250.0.138
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcsKd8CBAAYqrbRSWd_w3lq1LDJnkw&u=%7Cv18m8cqjo2CWuOo79iCpF1%2BgBGnGHlYG4LQW7SX2w7Q%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7a1viazdIPadplugJ-MRk9s4JM64uwn6mnQoysvxcwABoiZbm9SgQiHbjI266D5gO1Rd2FT7fupZwo-MbipS7C-X6H2nWr3_YrZpmiM_I18G7AdUum7jdkTrOrTunWDv_NoawjN-wCIbTuZ6Wvxtwu3rHLAWpmVnvwDIErTylffUdrZ7EHo_U3MveJ4i46-QAeaHrQg3ryl8z7zEmsAp8on8AWM5MyZ_xDLOFaYfkA2JPx6mSGBLvxGUUAuO9dRTLEzfcGIEugRSCkGWo5B7Mnz3lgRumDMmspzDc0j-CgTDDZv74EEJzIGHmTMEhRn7d-AqVz4OnsWPN2uGkXCsiT1hnYfPTzges4mkSkc6dilVkdYRSOxIdVzuPbogkqNA-jeEfLkMgiE69j7gI4EJbOWUD7xIjcJFksGlGAHQQcfMR1YGaBmA3VKAezS16hHTpaFluzczZ56PaW9lMrE6QjnIgi44FGwTmHTFfM4et6ESG_N706qai6ANzAuR2W5Ah5XKoG6RnHVihpSyaTe6UHSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLT5PHPaaY8tzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0Jsz1p_-SvkFjAC9iXaZZgCIZD1dJbS_43xIswfzIsrYeSKRAAMvVyDTtnqHp2U1sEMY8kU7Jw86bZ4M0VCO2Tzs_0oNGX5tkjJvMVpuG80FVvNFjIuKvvKncs1KMGXRD-80uyj3aZXoEHjWHCsKB3GIiQDvLYNbOWoz9zXHlWV0VGSpFTLT6G3BH-vpIUUH1QuCPYu735w34bhPO16VYzXNdjb3eS9raVNoLx5WhEuzUxaINE4eDp7TrDViK8Tlj3ReJeNZCyGr9jNzLLLonk_xZ865i0sHlqQ7KaT9ytWw4gXVy7dkxxoF1aoUd7pVw_R4QNs_zC2frPfba1NcA5rkPv9sCy6zUZtHg7oxIZrc___76HtrWscYuuAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mCxYOPVZijMPyJ5LjVRZVlPsjdg%26client%3Dca-pub-8188431425509997%26adurl%3D

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.138 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

364b26f9348a46db9215ea1145f9a03717d1fc11e6d21679cc284a283bb06f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 10:25:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=eBSHjmNK0I6-MQ0BJVksb0irQF04YtdrpXKL6SnR5MFmhYiIeC3pUF0ZNH83h5VSaqrcmvitNB6NZqgY4rA0ysAReWA1vsV3k9leA-wgFFjFQ04Hp6DSKpFR2CTxw7E5cESLSFnD3nm_F-UXItK0vJ36U-68mSLFv21riSqxh3a4h2HIw59CG66H13x42-sb-ONeSIez9dwgMVrmxXbTqMFLx_3K0uFKrH7tLU8TrBh_NndGQOJDoyrhRjs"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 89822301
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3F1C 3 KB
1 KB 238ms
223ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:17:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 10:17:00 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3F1C 18 KB
7 KB 164ms
149ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 09:24:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3651
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 09:24:42 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3F1C 24 KB
6 KB 195ms
180ms Script
text/javascript 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 22:03:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44516
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 22:03:37 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F1C 153 KB
47 KB 279ms
119ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 15 Dec 2022 10:25:33 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 702D 0
10 B 91ms
76ms Image
text/plain 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?xXuvbQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.23.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f97.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
DATA 200
OK truncated
/ Frame 58E9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a00ad9c287fdfe3fbbd7e418b2843e605752d892dc979ed3a9a6125aa33a1738

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DD2F 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fc056e127e83d2d08a573848695b784b5852d1c84fb3063915158ec556246cb

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B4BD 22 KB
8 KB 118ms
78ms Document
text/html 172.217.23.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f97.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: se-SE,se;q=0.9

Response headers

accept-ranges: bytes
age: 3650
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 15 Dec 2022 09:24:44 GMT
expires: Fri, 15 Dec 2023 09:24:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3F1C 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55e9b9403b33b58e73a6f2915ae127ab0ac3ed0112d2c66dd155ae09ce7cf2c0

Request headers

accept-language: se-SE,se;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 34E9 2 KB
1 KB 187ms
65ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcsKd8CBAAYqrbRSWd_w3lq1LDJnkw&u=%7Cv18m8cqjo2CWuOo79iCpF1%2BgBGnGHlYG4LQW7SX2w7Q%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7a1viazdIPadplugJ-MRk9s4JM64uwn6mnQoysvxcwABoiZbm9SgQiHbjI266D5gO1Rd2FT7fupZwo-MbipS7C-X6H2nWr3_YrZpmiM_I18G7AdUum7jdkTrOrTunWDv_NoawjN-wCIbTuZ6Wvxtwu3rHLAWpmVnvwDIErTylffUdrZ7EHo_U3MveJ4i46-QAeaHrQg3ryl8z7zEmsAp8on8AWM5MyZ_xDLOFaYfkA2JPx6mSGBLvxGUUAuO9dRTLEzfcGIEugRSCkGWo5B7Mnz3lgRumDMmspzDc0j-CgTDDZv74EEJzIGHmTMEhRn7d-AqVz4OnsWPN2uGkXCsiT1hnYfPTzges4mkSkc6dilVkdYRSOxIdVzuPbogkqNA-jeEfLkMgiE69j7gI4EJbOWUD7xIjcJFksGlGAHQQcfMR1YGaBmA3VKAezS16hHTpaFluzczZ56PaW9lMrE6QjnIgi44FGwTmHTFfM4et6ESG_N706qai6ANzAuR2W5Ah5XKoG6RnHVihpSyaTe6UHSA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLT5PHPaaY8tzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0Jsz1p_-SvkFjAC9iXaZZgCIZD1dJbS_43xIswfzIsrYeSKRAAMvVyDTtnqHp2U1sEMY8kU7Jw86bZ4M0VCO2Tzs_0oNGX5tkjJvMVpuG80FVvNFjIuKvvKncs1KMGXRD-80uyj3aZXoEHjWHCsKB3GIiQDvLYNbOWoz9zXHlWV0VGSpFTLT6G3BH-vpIUUH1QuCPYu735w34bhPO16VYzXNdjb3eS9raVNoLx5WhEuzUxaINE4eDp7TrDViK8Tlj3ReJeNZCyGr9jNzLLLonk_xZ865i0sHlqQ7KaT9ytWw4gXVy7dkxxoF1aoUd7pVw_R4QNs_zC2frPfba1NcA5rkPv9sCy6zUZtHg7oxIZrc___76HtrWscYuuAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2mCxYOPVZijMPyJ5LjVRZVlPsjdg%26client%3Dca-pub-8188431425509997%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 34E9 2 KB
1 KB 217ms
94ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 34E9 308 B
636 B 175ms
75ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 34E9 293 B
621 B 173ms
73ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 34E9 43 B
347 B 219ms
93ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=jTHU79UuddsaCKoPG10xODiHxN2MOzAkj_wVdEJoLxadKqyDSmOzfRSrI-cUCc7Prq6bRPCsG4M8sIqS7QccCda4mBxuGb1Awv3xrdYxujL08hXN3QBXgnBEP3kkcfIt9q0L500dHaVwA_ZOBtQtGQ5CNRFAZCYOoRUsXECZS2pineggDDfpLII5NyeSuwq_K4gjezCW76j3zYH4g_twN6MsGdh5JI7cUfbX8X_9uryA2a4tMcRvC0sdCLQ94RYFzk6-OOV-7lprz75DDhDGZysYiqDMSByskKTJF7SMvXOYtEYcI7CNPuq80MV37dbBMqLH3x7-gTIT6Sh0VIkAZNdRoZTaEo9DJVVyUHHT8LokBAoLC3GJjo4jovT3CVevAvN2cuxWw3NkssBtYOuaFaquoJ-3ZBZMim1m5pSRCY5hUHNa

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3426287
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 58E9 0
0 94ms
93ms Fetch
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstW9YroVcy15xd9Au8cwSEpMfpJ2_VnO8CTinWL-ry9vE8m4oPCl8ASOX0glQagUhsREE1miMSfqWbZUZ_hfYm7LEIcHNLO5j_Dt6e8HPFDMdTob26Gl53iK-vSOaXd_hSBK3JNlqIoFaMcXf_qaAJLDJ__Nm7slAMJ6r5TXHxmVeF2FD9fcZZYVYupEO2-Vi9qH6xLt7FwY5h6pST0FZ-tNtz2qD2OKvBWRSmxTGiSAr0vVb1YdOtOrEDvJi9Qi_ESdNqGxUkNAGNOAtU_DvPbL1K4IlQ_JJtkCZLCqQLb2GSXnOAbxxLnPiQQ6nuCoSrttor0SAxZpOt2SWvSmf8wutHxK2C0ZtFsauJsAF457inSNHgJ4QhUnVeVfXEZtEYxA1T8S1ekCiOfaJUoqzdV7oAC1voPVhzdQ0D5veTA9Ja8K00WTu9VBg3OQ9cx-iWjSkJKULgGCvGIxgfo5Jbde1JxZi1pUDhQKhsoHPiDNQkKQGkSnO061nlYwwes8Djaz_aR6Xz8nCaVqPlYfwoGjiuPByETQwE5iT8WJg8hIjC-2muYBeZA0AhV82v1MQyYAwLm97UPkb5LG1PWKvzWJyOqXn-jb_0DC27vXDgpSNBtA3Jn66UFL7etTjfm7kZRtQtICkjOF-pxOsMx_0Tp4KnnWg-ke2Oc1diLdNYRCt3y5JP4UjDzu40pLRGxwmmf8RM5FOJsm14vdU8HStGQgCswCCmmPUpm5K1G4LMa1xyQ-LVjrFqa0LnQaCkvDc4RQuHoo_uIqpHU6unyAFUmiQbBa6eMHD31Zi9DPIXUZIKYMmrGVOfStzqgxkk3L_dGYcmQFKliNfRJrKEExAhz1oMLydOgooDns9_lCDFIzLdLXFRxSlmjZVIHj_oDBpRUftp9-kJmPILs4rOxihPs5Z6Q4bfw3yyvvz9BZBVfzQNZlxuWRXW4buzaQHJLnNK3OqR_EZIdkv8UoDIJHqlrVjrpL4IldtF8Lb4KtLLjmRi16Mu27U9_suTb0NjkLVbwAPRqaZCBB1WCzmPDx5a_qOFghBbn63M_X-rHMaKW3QPQub7dgUxx5_9Lr5XMDfgamfIL-bm211DMd1uFJr_DRHaYN05PfcxG0o65khwq2cwI6qS1mP_LX5eYK1DHrtenOtzlHCkoCWmcuj6OOGdWUUOKXv0eKU7ZsyuaiHMRbIbjAa-z3aOYiIqyJgL1XpjYFr47DJfTbV6q3Q&sai=AMfl-YRs5-ZrvTjQupdpYPHfIev3KsCLWQNDLKqFzuwkZvv-H1nW9Se5KZITQuh5raJ-_fyDDvpP_IeakQge732d91Dv0Q9RlZyA_TSxzcKxK-Tf_AYm6rP3avUc1pRkkL3iy59-_biw2JWyLuuV_e-eV6cNSg2ur7e5mKZ1CDtE7VPBWddDav6ih8L0IfmZTEKPLRy2TRJXabvQs5kNKhrmb-eaju5Hz9kkYJpbgtJqKUhF0Xl1UYqvrXlgMSWB46P0DQ3ulV330zBsD4avQE-vhQDV5pDMj3cxdUYtLPk7up8XZ-Q-d2UUU8uZ3iGZ9t40mJ2vbS27uDpcXrTxdz5B6pjqoPt3_2XHaPZnPs5Dca4H08lkhqomDJFVSg7MkkQIZjjg0h-Wh9LLMWFZ4siDag&sig=Cg0ArKJSzHePnfq4IPN6EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=641&vt=11&dtpt=639&dett=2&cstd=0&cisv=r20221207.41433&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.thestar.com
URL: https://www.thestar.com/?redirect=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 15 Dec 2022 10:25:34 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 34E9 12 KB
5 KB 108ms
35ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 224474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B41tF0Br3LX%2BHLJ9jd1G80AUuiSTHEwWpKI7v7jIp65e9F5n1cB1mpPZL%2BxQgGmPIC7HKC0F1Crzuk%2BOEOUHTb7y%2BMYJ7mnLGILcsfwRAjgD7HYSLRXksEbnDOJYw9DJmh0FXgeR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 779e79dd8cdf98f6-ARN
expires: Tue, 05 Dec 2023 10:25:34 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B4BD 36 KB
16 KB 57ms
57ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 15:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 13 Dec 2023 15:44:49 GMT

GET
H2 200 f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
static.criteo.net/design/dt/ Frame 34E9 21 KB
21 KB 291ms
160ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

36a46e4d3e4c4ab8d8f61a91b00d67677ab93fff1c30994bc271496091ffe3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5cffb9e1-53c4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
static.criteo.net/design/dt/ Frame 34E9 34 KB
34 KB 486ms
357ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f08b2431c0f7b6cac8363713c93ff2fc851362538e78d076932abd6fd02d07fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5cffb9e1-8650"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 34E9 12 KB
6 KB 122ms
121ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 34E9 8 KB
8 KB 288ms
61ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=49287&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F24217%2F151104%2F3d6cc81438ba4d60956c17961f2dbce6_fluevog-horizontal.png&v=3&w=596&s=HX0MhVuVdS1o6n42K8JfSVTJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29349801
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7708
expires: Mon, 20 Nov 2023 03:08:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 34E9 25 KB
25 KB 288ms
62ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025940%2Fretina_detail.jpg&v=3&w=800&s=3KTm9_UbP2ywbZx1L5E8UBou&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a2fa34a5479d7fe3b3e4ed5966e9d4249d2ab1fef2f54ff1bbd5dec86d004622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1391831
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25616
expires: Sat, 31 Dec 2022 13:02:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 34E9 25 KB
25 KB 652ms
427ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023519%2Fretina_detail.jpg&v=3&w=800&s=IppgYxJC6sDMWuFeKqSm5C0v&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9e3e886119f0d3ed7e04c1af4d8c64f5d6f1a8507140aff79fa10cbead6b985b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1043393
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 25178
expires: Tue, 27 Dec 2022 12:15:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 34E9 28 KB
28 KB 541ms
317ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000022314%2Fretina_detail.jpg&v=3&w=800&s=8U_ax26yXflL-SaGxx8y2G8O&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

75ebdc93911e3debd08a0a1d7454b5a3ef365df822809d227d5ec2af11a86bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1031539
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 28772
expires: Tue, 27 Dec 2022 08:57:54 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 34E9 0
128 B 287ms
63ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=eBSHjmNK0I6-MQ0BJVksb0irQF04YtdrpXKL6SnR5MFmhYiIeC3pUF0ZNH83h5VSaqrcmvitNB6NZqgY4rA0ysAReWA1vsV3k9leA-wgFFjFQ04Hp6DSKpFR2CTxw7E5cESLSFnD3nm_F-UXItK0vJ36U-68mSLFv21riSqxh3a4h2HIw59CG66H13x42-sb-ONeSIez9dwgMVrmxXbTqMFLx_3K0uFKrH7tLU8TrBh_NndGQOJDoyrhRjs&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 34E9 2 KB
1 KB 120ms
120ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3283 2 KB
1 KB 103ms
75ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y5r2HAAAOcYKd8CBAAYqrT3DCwtVzHbmylOoIA&u=%7Cv18m8cqjo2DCyhdJm%2BSX0X9tuEve0jHDpZh%2FFXg%2FKNA%3D%7C&c1=glLBMxGOcDk-vbOOpZWuixXrrJNSBB6veSRsiJ3YfPQC41RqR-zUWFVe_ndPsXTP1xyKUNDD5-MmS2jjKmXiPpE0HK46Oh7aefLcYI_J1xv1q1bpt64V1zgX5YlB95IUpUFMG9n6QN16Y0F7wLJ_LdY325Zfyzgfud4RrxhP6wzzfe3TY70GKtEoAoESn7ezudsS27tI0jxGyCMDqhfzDCb24URpljTFrpJO7hbbzjtWzscq98HqVCpsA5c6rMsAJc-lUI0F0uAQ1mSv8swi8BG9tR3ojgkY2XrYv8LMLCF2rZCHihNlGR7GxSNO42nZAbz5Mot_AEQvdxnstn6_-mpl3FbpwerRGw-s2xn1k57S8s5BCtQXmF6OyikZV6OzjL9lN97ew_EenrxJQ4a1P_N2BdFivoE3CMAOj4-UFPdtzraLk5YlVWHC73iO4clRZz_xHnMOu4McgK6-8LhGtw0i5HBL3pik4gLHoS3_DWxm4z3rlxLOVfQtXITDoSMoFpuB5CGYqyEWASbPjJUVjB_47p9LgjydWWd5KAz16EV-1u0lNoY2VDOt2jbXOE3DhvSrUAb9fSkpx5tNmJOoOJ97XKJZfXFgEm47QUIDiu2Z66mpYuKz7KoMgFxuWTC0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtHbmHPaaY8ZzgYHfA63VmNgEyZ7SsVzVnZH3cMCNtwEQASAAYPGt_IWkH4IBF2NhLXB1Yi04MTg4NDMxNDI1NTA5OTk3yAEJqQKHagKEr9-xPuACAKgDAaoEnAJP0FWBSoZFIYYE9kiSFOAZuTmFU0BYQr7-E9layAc0e1KMHI549tSFSXKxXQ4-HbpSqjXTksJCfygDYxCoyv3eJp5R9VvTpdjI1nG3FFJ201JgmJFcOpKEitb4o7XDek6DPFUCktqDVlYJb4Goh45tdrRzyjzJmLvcORHRWfJ7z4JrOLYz0aEcz4MVHCEivXwupeQQYLMFu3f4TzH2uvZmX-FrW4uBQHAMyotxKQYNS_7m4bIe2G0K-tG44UP2-RiRgti5YYmdN-L2UcjSClDPG1Mx0EKNqpIMeQ6hxj-xFPUqop-kii3z72RyUX-IHwZ5HaZWxJlG0j_7NLiRZw3QdwvmAbEp0tDojuQRZxn8gUQTxUWQdVQE0HUs6uAEAYAGuMH35KzH8dvlAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAcBABMgLrAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_18BdWzaUmn4dZH76MKz8r0J3iRxw%26client%3Dca-pub-8188431425509997%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3283 2 KB
1 KB 93ms
66ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3283 308 B
636 B 129ms
107ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3283 293 B
621 B 100ms
78ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 3283 43 B
348 B 139ms
90ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TzmqjdUuddsaCKoPG10xODiHxN2dtwGG1uvYUSvm57aKcs-qOvtoPrJzAaNvkNOTns880_0CHQDX47rqDbRL38BwVYFQH3w1cNlkOZJZ9APDQj1O4GFlXqnn4Yo6Bssw0DeOxKLcFjX2mLbSeTsHx9SJHnBmX9fFnGeo8S4uz4x6WlBU7qBN80iL3ziGUsuwMYQ5YWi8TmOzerjq6z3gRDM0qVheKwYyZsvHsa0agenFWLZKoTPSFs29_0PBWJ650OvGPBkHnwgW8ksW6OsYn2z9b81O2Se-1RLCuetwVx96jn8dGiJz7sL-iCudcXWa3uSSLzGnv2irmcICG7-9Smm3VBwAhdevFJctwGkuiknp5w9cSp7chVtoz9qWQtC4IhZWmXSqcI4cVcfHqdPUHyqD7iHAXqpgOaWZKLwS14dsWh4-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2618711
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3283 12 KB
5 KB 62ms
58ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 224474
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGePOpIQAhAkMPrPnrke4IZf8S0DBAf9eZ25Tquc5LAmVcM9vM%2Bk0DID3ykGOdiL%2BKEwHI026l%2F7YafbRIgzzjrdRMKVHryO%2FUdjMgweNfZYASwB4A2VxT2KluM98%2BDP2Ky5KIlV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 779e79ddad0398f6-ARN
expires: Tue, 05 Dec 2023 10:25:34 GMT

GET
H2 200 1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff
static.criteo.net/design/dt/ Frame 3283 34 KB
34 KB 231ms
168ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/1662e641d7d74eeb886a0ffc41a660df_avenirnextltpro-regular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f08b2431c0f7b6cac8363713c93ff2fc851362538e78d076932abd6fd02d07fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5cffb9e1-8650"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3283 12 KB
6 KB 120ms
120ms Script
text/javascript 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 8 KB
8 KB 542ms
444ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29349801
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7708
expires: Mon, 20 Nov 2023 03:08:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 8 KB
8 KB 527ms
429ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

07c2c7dd3cd4b1b52e2d71942ebcc5eac1646d8af64df95f4147aaebf3653b0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1031539
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7836
expires: Tue, 27 Dec 2022 08:57:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 6 KB
7 KB 592ms
495ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023247%2Fretina_detail.jpg&v=3&w=800&s=xY4hh69tU7G-MCXY3BPrdMEo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c0b550d22a42d979bae44714750b66b6d17e0d7bad10dcf443c03799bd06068c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1034073
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6444
expires: Tue, 27 Dec 2022 09:40:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 11 KB
11 KB 434ms
345ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000020998%2Fretina_detail.jpg&v=3&w=800&s=ht0jU-d7mGQ67fv963pJMXva&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2ccf5826587f4ddc6021bbef0d21ab5f5ca0ae2e62f546635570cfb74bc1b5e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1020879
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11256
expires: Tue, 27 Dec 2022 06:00:14 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 23 KB
24 KB 534ms
446ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000024948%2Fretina_detail.jpg&v=3&w=800&s=rTdvyPtliSpj4XR6QH6djRmS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a1ddc216c50c119c59f1ec80ae30cbadc0f24ce9e74984be9b155c369b146920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1008761
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23972
expires: Tue, 27 Dec 2022 02:38:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 8 KB
8 KB 517ms
428ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000019674%2Fretina_detail.jpg&v=3&w=800&s=3Y8VXTrQWdM-OgigoEHc6MYe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

20fb0dcce2af0b57f79584d0d282730916680ceebe9c1cfe7b502a9c238fb18f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1489937
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8134
expires: Sun, 01 Jan 2023 16:17:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 7 KB
8 KB 449ms
431ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023300%2Fretina_detail.jpg&v=3&w=800&s=vBqAT0jlAdlGHsjgQGiXFp9s&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9125d6464bc58d961cb2734ecc4d90515d362d1b9b06d570d541448c339e9120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1127570
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7542
expires: Wed, 28 Dec 2022 11:38:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 11 KB
12 KB 429ms
415ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023372%2Fretina_detail.jpg&v=3&w=800&s=twCB59GxWg81OIEoaqRPigoz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0ac24e3236fabe6fbecebd5eac5151f80ac9444f5ead7e433018883bc50ae6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1107960
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11580
expires: Wed, 28 Dec 2022 06:11:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 9 KB
9 KB 431ms
418ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025633%2Fretina_detail.jpg&v=3&w=800&s=SFIGCm2SVhaNodRpXMmJEnUS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a72c21ed358aa89f8a12b26443d2d1dcd9472fc534572122e6aebf2433a824d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2308123
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8930
expires: Wed, 11 Jan 2023 03:34:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 7 KB
7 KB 435ms
422ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025260%2Fretina_detail.jpg&v=3&w=800&s=EyiGlbf71_gdoqKgmesMbGhr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d4fc9449961bfcaf2f7390fa16ae693ff6cfd0fa4310aea9d2dc7541640c5323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2101724
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7394
expires: Sun, 08 Jan 2023 18:14:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 11 KB
11 KB 458ms
445ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000021822%2Fretina_detail.jpg&v=3&w=800&s=G9hWCkkFV0wZevy2uFE4L4c3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

640d7db3e4c80eaff4b1ca5cff0e33630c9a77269e1a99efa069b821165247d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1028976
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11012
expires: Tue, 27 Dec 2022 08:15:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 11 KB
11 KB 438ms
424ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000025266%2Fretina_detail.jpg&v=3&w=800&s=DJVjJOhnpsPaHAFyAunRTTAI&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

14da5772710fff9ecb26b35dca2a59dc63cc59e85afa16cd24082c49916b619c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1894628
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11300
expires: Fri, 06 Jan 2023 08:42:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 8 KB
9 KB 486ms
472ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=49287&q=80&r=0&u=https%3A%2F%2Fwww.fluevog.com%2Fcode%2Fimages%2Fcolour_image%2F0000023441%2Fretina_detail.jpg&v=3&w=800&s=XQunQIY_R5-H-m5EJdFPlvY1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f8a6146c5150eded281c4becb27e5aa5a9cdca5db218560867bff67d9a6c98ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1449159
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8690
expires: Sun, 01 Jan 2023 04:58:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3283 0
127 B 115ms
65ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=qQrUbGNK0I6-MQ0BVE3p5jb4MvL5e1VgHhxgv4FMCAcwRxDE87UOAd2n8Dz2Lnlk5vijZ28dlmhobCxw2yhxP1JGJWLN3JH5mnlYbIh0f7doQW_bc5XY-qiV-G7P3ctFmCggkIzaLHsE_pPOqNsKeaqlx_wO6KvBm30USDPnf2Jyy2GsaAouwQl5Vj9bid5iyEQVl5uKShEOOKVhJRRyGkMcQfp-4m0sUMZICbkzJ-hdLJ2drz8FuFdQnak2jRKqly9CKQ&sds=2&rev=83933&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3283 2 KB
1 KB 120ms
70ms Image
image/svg+xml 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 87ms
74ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671099934488&plid=17488807&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2245260495460690880700815615972614243332%22%2C%22_scrollIncrement%22%3A2%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11647%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1671099926552&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Thu+Dec+15+2022+10%3A25%3A34+GMT%2B0000+(GMT)&action=_scroll&pvid=55996908&u=pid%3Da7b6af8eb6e46cd7590b358c988b5c9d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:34 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 15-Dec-2022 10:25:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1b7cfcf8-a21a-423d-98d5-5ee4211f2206

0
376 B

144ms
100ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1b7cfcf8-a21a-423d-98d5-5ee4211f2206
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:34 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://elb.the-ozone-project.com/setuid?bidder=openx&uid=1b7cfcf8-a21a-423d-98d5-5ee4211f2206
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: h8oataoor49f3v3vmfk86kcaa6rmohmn

GET
H2 200 010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
static.criteo.net/design/dt/ Frame 34E9 19 KB
19 KB 289ms
256ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7f2d38cee234212a32f764510cd10b7d056266dd80f0e4774a1b3f9d0a590bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 21 Jun 2022 20:54:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"62b22feb-4a74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff
static.criteo.net/design/dt/ Frame 3283 19 KB
19 KB 302ms
282ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/010ccf751ef748128c521a75a966b8f1_bauer-bodoni-condensed-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

7f2d38cee234212a32f764510cd10b7d056266dd80f0e4774a1b3f9d0a590bd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 21 Jun 2022 20:54:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"62b22feb-4a74"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:34 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 34E9 8 KB
8 KB 409ms
405ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29349801
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7708
expires: Mon, 20 Nov 2023 03:08:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B4BD 0
20 B 135ms
134ms Image
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxvUlHPaaY8VzgYHfA63VmNgEAAAAADgB4AQC&bg=!GhmlGV3NAAYgquz3AKo7ACkAdvg8WqqqotI0uup1W8_ZFcY4pA0xqhSkOwCTeyB0alhTlYxwG-1AYAIAAAF9UgAAAARoAQeZAy-lWk1zJlGK1vSRyA3aE_2l9jffYmqFFY4wY34EWzIo11CSQQSc95P4t9yP_Ac_gu1l12pwCu3JhVzhNpyPzzEKqEMCpI3rxfMFNd842mZEFJ4UQF8uR2mTTIL9sxXPVZ3h6daPyNj3OAAQnCjLbdQ9KWYyj0biqKVAjE4o7wt1Wb_WSI-zvOV_LaVHG8yVtOOb3CrQD0VARHxWpUjx23Cjdq3rrgWJKyjEXqwmkV3rBTuiV0Ji_G-tKmGzCegNY7UHrbvoY7Qe1cc45XUYHiRNS0b571CXVPN42U73-z2MEMA614Kx_vhmb0PaOEfSqhFf3Msxdfa_32TOSJ1oXXl2PxYFLZTBZiLzNkbrVP9rmHzZ79lRLKgnIyCFsEPROfVCEmOQelzF4keD6YQxcEvul2Ywjg7bQOvift-dFzD4qhEDJ6xTDySozuMb2wBLWYD-WcJd7Y-wr0VVsLvXPlHZ6fhSJ1iwyV_h1owZlSoretKuKQVR3CU5L4OHfE1FLb5TLkK1D6RzciY7VYSlsboxFktYsKUXN-mQ0z9eahS85vS983ygtxo62XuuMqStWJo511u2bvgUc6_g9ITUKMKN-Pnde8F6fC_1yCIGcuSMqrQljsXVeve4CHpIrIH2K507hD1MRXhyt4BP3bn3eGIXKLMr5hckV12qPvtbqgCJPR9H85-753BTdYN5TdD099EUWMYGdsiVj7RrVFOm23joLko4NAKqg3Kaxby7trt8zNukz6nvpPNvKFJv6AvyDozX-qFYePPwzsoZL8qNRVL8G5tmCNdDo2mraALv5e1icSy8mLtSGSGJAVdVKDa71PJSr8f0wVTsR2fQbYDcl251Y0SbbxDu_mLKLGre-SIVdNQFtFZaMTMsAGSs9nsNqJ7CI_ME7a2331072Hdz5yWaeyUFuIuO7-WnedBkCeyD62YM0tSG21mK-pNRx7FwOeW7_Rxr8PWd4PaReK0v7ijarXIH0j6sssANWWkrabyAmHRX2E1fCOKl3oGKblrNZAg2n0JdOtxMwMHUX46P1PwVKwmf7z9Hges6Bb8tdC6mYsznBlyP5QDdDUxgI953yg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 3283 8 KB
8 KB 161ms
98ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29349801
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7708
expires: Mon, 20 Nov 2023 03:08:56 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://match.prod.bidr.io/cookie-sync/ozo?url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dbeeswax%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID&_bee_ppp=1
https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AACv5k7HNewAACEsxACgrA

0
491 B

71ms
71ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AACv5k7HNewAACEsxACgrA
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=beeswax&uid=AACv5k7HNewAACEsxACgrA
Date: Thu, 15 Dec 2022 10:25:35 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 58E9 42 B
64 B 96ms
95ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEYSwYeMMcTk9J3BujklsrP4gki0e80bcXI5jbd6TCP82pE0yQH9fYrPVL3WZ49m_0A92ht0JR7EzdXX1v7XACpx7-lNd2FohAfpdOS9n3ZiwG2BEe6Ht8cZ4Q&sai=AMfl-YSzGTJSmNikJcwtHsVdJEv7xQm3oaLHuY5Dji_ODMxbpuOuH1Q_WL7NItHFwXK8ksjzs5zqiASmaoeqi12xbyi6yMlPpBqDJWG-6Mbbts0ZM15ScR3QJ-DjUjmSgQ&sig=Cg0ArKJSzCi5WQ-8CgA2EAE&cid=CAQSOwDq26N9GFmvTHXGPVDpcJEwS6XXaJDykBKA6aOWqx1uvdsDoVWwP6YmFyj3HysUcFvF8ON6XUO4CzhzGAEgEw&id=lidar2&mcvt=1005&p=10,436,100,1164&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1887631228&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671099933368&rpt=843&isd=0&lsd=0&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame E33A 0
260 B 229ms
68ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK PrebidServer
crb.kargo.com/api/v1/dsync/ Frame 9982 43 B
360 B 331ms
49ms Image
image/gif 18.194.0.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crb.kargo.com/api/v1/dsync/PrebidServer?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dkargo%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.0.5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-0-5.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:35 GMT
X-Accel-Expires: 0
Vary: Origin
Content-Type: image/gif
Cache-Control: no-cache, no-store, must-revalidate, private, max-age=0
Connection: keep-alive
Krk-Reject-Reason: consent
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
129 B 90ms
81ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=025ad678-bf0a-4fe2-b383-8487592159bc
Requested by: Host: be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
URL: https://be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app/be54a597-6b6d-4e2d-9d31-642310a8db25-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8932a984791f39fdead858f32cbe258c961b2a49d59295f6186e6856de6632a3

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 15 Dec 2022 10:25:35 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.thestar.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 111

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 119ms
96ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120801&jk=2499574925828476&bg=!oqGloeXNAAYgquz3AKo7ACkAdvg8WovhrAia0KXurxPBJDKbNLbJ_PMJjpxGwdoUapPyExjHPW927AIAAACsUgAAAB1oAQeZAuAoNkIP3KEYlkxOumiso13AZdCgq7J-ScrOE-bDf5xJe077FrhP3Xp4vhPPMlX2VaDJM2jl3pXscdWarPTxLHj0pDydv974NLnSXiekv3CItW_npN1dm_fP3TzH1fCt0Gp-dnLPMG_kkssT-1IGfCeQpJCK4o1ikAcJlVZdaUbW-CU17gvzK-1I1HZudAjcQRumHJrT7OPVFnG4OM00OQbcEEW4yNWRS6-o16Y8q0x0hrnhf1ngqOwzZcRuQjaoqbA59ekREV5Us0M3sLxgQ4apVXpI3DKlPqjJKr7p8i0dX_QpdIwNQ8owEc_HXNHE8S4pd1KGovypAm4q9U1mswGoVFPquuhLAvMBoA4u2S1SaP0m_A3XAjJZijfCdlH11CTnjZgmxmmSXNygRrPT0zlZmBiHgqWQCK4dRqGQNIcaJ75sfQJo1kEwiqN45ESwVNkDhE0I0WOKbAacB-SK7__CRT0m75wCU5W127Z0zylBQDmnCgwZ72FvB_SITDXHuxm_2EXtbUawNJm0rIEE9gJozFPLFPueHG0s9i9IDliKnDMIbZEnJDLqmxt5M2qmW_ADgVaCUfyXZkoAgjg3nBnz60EKgiG_oMcLpuNMiqouGje79_AwKdb3Ho8Gt25RmSu1e0syYvUE3SkuVxPyGASfQFY3SXwwEsTWFLVg_-jQek3AxneJeq_DA75k2iR74_Lbu5YVpNfsHeLHu_zAXNqCxPPnAkQAEltr8tsMTZ3g6X9sIdpwQfuvVCa3VRpshDNnqkBUngczN0rgSI6K-i3OhBWN2xLpsGkVZ2IF-eS2LXZgHGBufmteR64G2Am_faaj6jdpQ57m86GSIhlVgkL5fgdcjurMa-6aypbKYpODxIMvMc9lYSeHhrbCj7iz7Y0f-3g7yje68lTue492xoBqCsmQZsLoewvJ1vIKodIsZBPgQJD2Xo8u01CUUP0TKqM84oCS0lPcirSfmH51A8L6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s08-in-f194.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 9982 70 B
264 B 84ms
84ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=u40cpuw&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 15 Dec 2022 10:25:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-...
https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=b008e06a-f892-41c9-ac81-2d74b34af66f

0
613 B

65ms
64ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=b008e06a-f892-41c9-ac81-2d74b34af66f
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=b008e06a-f892-41c9-ac81-2d74b34af66f
date: Thu, 15 Dec 2022 10:25:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 200 __activity.gif
query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/ 35 B
49 B 147ms
143ms Image
image/gif 35.190.14.224
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://query.petametrics.com/v3/q9fqmmutk5a97trs/25f24d51-fbbc-48de-c456-60d87272f9f8/__activity.gif?e=stuck_10s&ct=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&ccu=https%3A%2F%2Fwww.thestar.com%2F&tspl=14319&blst=2461&ist=4281&iet=4300&bdst=2462&bdet=2999&bcttt=229&jsfv=nbc&ts=1671099936284&jsk=q9fqmmutk5a97trs&jsv=20220926&cu=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&uid=25f24d51-fbbc-48de-c456-60d87272f9f8&sid=bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161&pvid=7bef33eb-829c-4f23-ac5f-d541a45debc8&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F108.0.5359.124+Safari%2F537.36&l=en-US&os=Win32&cet=4g&crtt=-1&cdl=9.4&saveData=false&ctyp=unknown&tzo=0&w=null&source=null&sdk=bc-pixel
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.14.224 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 224.14.190.35.bc.googleusercontent.com
Software: openresty/1.13.6.2 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:36 GMT
via: 1.1 google
server: openresty/1.13.6.2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 67ms
66ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:36 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 58ms
56ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:36 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_pr...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=1...
https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y5r2ITFKQROx-qxcAE9.AgAA%26717

0
731 B

65ms
64ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y5r2ITFKQROx-qxcAE9.AgAA%26717
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ISTgwv3jQx0%2FeKzeOPZvVALzoSbiGp5UoxzXGXek6UneuQsuhzaXD33dy9bprF2s7GvDHeN%2BuzwOcCunIG%2FBhxSs7euEoeq%2Bcn0tw8WyXk%2FZcQsdy8qsVja8%2BafSHUk%2BTPv6KqkA"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://elb.the-ozone-project.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y5r2ITFKQROx-qxcAE9.AgAA%26717
cache-control: no-cache
cf-ray: 779e79f00d5015ec-ARN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4818220284326262611

0
838 B

74ms
73ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4818220284326262611
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:37 GMT
AN-X-Request-Uuid: 0d63254a-fda2-4c55-bec5-6195978efc9d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://elb.the-ozone-project.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=4818220284326262611
Connection: keep-alive
X-Proxy-Origin: 185.147.213.67; 185.147.213.67; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://ups.analytics.yahoo.com/ups/58655/occ?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirect=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dyahoossp%26gdpr%3D0%26gdpr_consent%3D%26...
https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-Nd7igZpE2uFQCZVB2W9YQ.LE7QO_PC3zIqRpCGU-~A&gdpr=0&gdpr_consent=

0
976 B

64ms
64ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-Nd7igZpE2uFQCZVB2W9YQ.LE7QO_PC3zIqRpCGU-~A&gdpr=0&gdpr_consent=
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:37 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=yahoo&uid=y-Nd7igZpE2uFQCZVB2W9YQ.LE7QO_PC3zIqRpCGU-~A&gdpr=0&gdpr_consent=
date: Thu, 15 Dec 2022 10:25:37 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsmart%26gdpr%3D0%26gdp...
https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=1225131243964191040

0
1 KB

64ms
64ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=1225131243964191040
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=smart&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=1225131243964191040
date: Thu, 15 Dec 2022 10:25:37 GMT
content-length: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 9982 0
35 B 157ms
50ms Image
text/plain 18.196.238.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.238.199 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-238-199.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:38 GMT

GET
H2 200 f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff
static.criteo.net/design/dt/ Frame 3283 21 KB
21 KB 79ms
77ms Font
application/octet-stream 178.250.0.130
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f342bdd505994d4ebb138128d448f553_avenirnextltpro.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

36a46e4d3e4c4ab8d8f61a91b00d67677ab93fff1c30994bc271496091ffe3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 15 Dec 2022 10:25:38 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jun 2019 14:25:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5cffb9e1-53c4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 10 Dec 2023 10:25:38 GMT

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 9982 0
277 B 973ms
517ms Image
text/plain 209.191.163.208
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.208 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 15 Dec 2022 10:25:38 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=a534d334-083b-40df-8701-87693b31e039

0
1 KB

72ms
64ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=a534d334-083b-40df-8701-87693b31e039
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=a534d334-083b-40df-8701-87693b31e039
access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:39 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%...
https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=fc8567c4-55ea-4b69-9508-376bc035e968

0
1 KB

72ms
71ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=fc8567c4-55ea-4b69-9508-376bc035e968
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=avocet&gdpr=0&gdpr_consent=&uid=fc8567c4-55ea-4b69-9508-376bc035e968
date: Thu, 15 Dec 2022 10:25:40 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 151
content-type: text/html; charset=utf-8

GET
H2

200

setuid
elb.the-ozone-project.com/ Frame 9982
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Felb.the-ozone-project.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4409907857632730871930

0
1 KB

69ms
69ms

Image
text/plain

63.35.78.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4409907857632730871930
Protocol: H2
Server: 63.35.78.131 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-35-78-131.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://elb.the-ozone-project.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Dec 2022 10:25:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://elb.the-ozone-project.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4409907857632730871930
date: Thu, 15 Dec 2022 10:25:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 59ms
57ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:41 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 58ms
57ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:41 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

POST
H2 200 all
csm.eu.criteo.net/ Frame 34E9 0
127 B 63ms
62ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 3283 0
127 B 61ms
61ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 15 Dec 2022 10:25:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 201ms
64ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1671099944428&plid=17488807&idsite=thestar.com&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22adobe_mcid%22%3A%2245260495460690880700815615972614243332%22%2C%22_scrollIncrement%22%3A3%2C%22_scrollMethod%22%3A%22setinterval%22%2C%22_y%22%3A0%2C%22_bodyHeight%22%3A11647%7D&sid=1&surl=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&sref=&sts=1671099926552&slts=0&title=The+Toronto+Star+-+Breaking+News%2C+Toronto+News%2C+Ontario+News%2C+Canada+News&date=Thu+Dec+15+2022+10%3A25%3A44+GMT%2B0000+(GMT)&action=_scroll&pvid=55996908&u=pid%3Da7b6af8eb6e46cd7590b358c988b5c9d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: se-SE,se;q=0.9
Referer: https://www.thestar.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 15 Dec 2022 10:25:44 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 15-Dec-2022 10:25:44 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 200
OK attention-event Show response
sr.studiostack.com/track/ 0
396 B 59ms
59ms XHR
text/plain 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Requested by: Host: sr.studiostack.com
URL: https://sr.studiostack.com/v3/services
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thestar.com/
accept-language: se-SE,se;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Expires: 0
Pragma: no-cache
Date: Thu, 15 Dec 2022 10:25:46 GMT
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Content-Length: 0
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

OPTIONS
H/1.1 200
OK attention-event
sr.studiostack.com/track/ Frame 0
0 56ms
55ms Preflight
text/html 51.104.28.77
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://sr.studiostack.com/track/attention-event
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.104.28.77 London, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.thestar.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD, PUT
Access-Control-Allow-Origin: *
Allow: POST
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 4
Content-Type: text/html; charset=utf-8
Date: Thu, 15 Dec 2022 10:25:46 GMT
ETag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
Expires: 0
Pragma: no-cache
request-context: appId=cid-v1:872aa76c-939e-4ab5-93a1-49e977059583

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dmx.districtm.io
URL: https://dmx.districtm.io/s/v1/img/s/101995

Verdicts & Comments Add Verdict or Comment

309 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

112 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
n511.thestar.com/DG/DEFAULT	1970-01-20 17:47:39	Name: BCSessionID Value: d94ba0aa-a223-4699-a3f9-c2ac50940881
torstar.blueconic.net/DG/DEFAULT	1970-01-20 16:57:15	Name: BCSessionID Value: d94ba0aa-a223-4699-a3f9-c2ac50940881
www.google.com/recaptcha	1970-01-20 12:30:51	Name: _GRECAPTCHA Value: 09AGDUI8Dy9q-WyM1GJeKd9SUnno9ArKqRoqDhthjvZ9rCv93MSlIWTPHk9HBOdFwLmVcvL8wz7K7W6YxPH26BdkE
www.thestar.com/	1970-01-20 16:57:15	Name: selectedCity Value: thestar
.thestar.com/	1970-01-20 16:58:42	Name: _vwo_uuid_v2 Value: DC2430979FEF4430A4E04CDECC4F56838\|62e453effa5a842ef626f5224ecbfbac
www.thestar.com/	1970-01-20 16:57:15	Name: last_visit_bc Value: 1671099923102
.thestar.com/	1970-01-20 16:57:15	Name: bc_tstgrp Value: 6
.thestar.com/	1970-01-20 10:35:39	Name: _vis_opt_s Value: 1%7C
.thestar.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.thestar.com/	1970-01-20 17:47:39	Name: _vwo_uuid Value: DC2430979FEF4430A4E04CDECC4F56838
.thestar.com/	1970-01-20 08:11:41	Name: _vwo_sn Value: 0%3A1
.thestar.com/	1970-01-20 10:21:15	Name: _vwo_ds Value: 3%3At_0%2Ca_0%3A0%241671099922%3A56.04276544%3A%3A47_0%2C45_0%2C44_0%2C43_0%2C42_0%2C35_0%2C34_0%2C32_0%2C26_0%3A3_0%2C2_0%3A0
.thestar.com/	1970-01-20 12:33:44	Name: permutive-id Value: e06b59c2-ed68-4cbe-9cbd-1bbc20f204ff
.be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co/	1970-01-20 10:21:15	Name: pxid Value: 1e67c632-a810-4567-8a6d-ed139e2b4d3c
.scorecardresearch.com/	1970-01-20 17:47:39	Name: UID Value: 19B2c92f8cc39f6522c1cb91671099925
www.thestar.com/	1970-01-20 08:54:51	Name: AccessToken Value: idv2lboxqyokgpv3ieaeyzipo67nk82w7
www.thestar.com/	1969-12-31 23:59:59	Name: userSegmentLogin Value: false
.thestar.com/	1969-12-31 23:59:59	Name: _igt Value: bf5aa0f4-04b5-49d2-f0b3-5c83c5d7c161
.thestar.com/	1970-01-20 16:57:15	Name: _ig Value: 25f24d51-fbbc-48de-c456-60d87272f9f8
.demdex.net/	1970-01-20 12:30:51	Name: demdex Value: 45223963162903381240818708520509627918
.thestar.com/	1969-12-31 23:59:59	Name: AMCVS_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 1
.thestar.com/	1969-12-31 23:59:59	Name: __psid Value: 1671099926476
.thestar.com/	1970-01-20 08:11:41	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.thestar.com/?redirect=true%22%2C%22sref%22:%22%22%2C%22sts%22:1671099926552%2C%22slts%22:0}
www.thestar.com/	1970-01-20 08:54:51	Name: _pbjs_userid_consent_data Value: 3524755945110770
.thestar.com/	1970-01-20 08:13:06	Name: _gid Value: GA1.2.2030380028.1671099927
.thestar.com/	1970-01-20 08:11:39	Name: _gat_UA-70431129-1 Value: 1
.thestar.com/	1970-01-20 08:11:39	Name: _gat_UA-73335503-3 Value: 1
.thestar.com/	1970-01-20 17:47:39	Name: local_ga_B4CQN4KW3R Value: GS1.1.1671099926.1.0.1671099926.60.0.0
.thestar.com/	1970-01-20 17:47:39	Name: local_ga Value: GA1.1.992549094.1671099927
.thestar.com/	1970-01-20 17:47:39	Name: _ga_6FZFMVVWVN Value: GS1.1.1671099926.1.0.1671099926.60.0.0
.thestar.com/	1970-01-20 17:47:39	Name: s_ecid Value: MCMID%7C45260495460690880700815615972614243332
.everesttech.net/	1970-01-20 16:57:15	Name: everest_g_v2 Value: g_surferid~Y5r2FgAAANq8cwOJ
.dpm.demdex.net/	1970-01-20 12:30:51	Name: dpm Value: 45223963162903381240818708520509627918
.thestar.com/	1970-01-20 17:47:39	Name: AMCV_19A568F454F72DAF0A4C98A6%40AdobeOrg Value: 179643557%7CMCIDTS%7C19342%7CMCMID%7C45260495460690880700815615972614243332%7CMCAAMLH-1671704726%7C6%7CMCAAMB-1671704726%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1671107126s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19349%7CvVersion%7C5.5.0
www.thestar.com/	1970-01-20 16:57:15	Name: selectedPersonalizedCategories Value: []
www.thestar.com/	1970-01-20 16:57:15	Name: personalizedListModeEnabled Value: true
www.thestar.com/	1969-12-31 23:59:59	Name: latestContentTier Value: 0
.thestar.com/	1970-01-20 17:41:03	Name: _parsely_visitor Value: {%22id%22:%22pid=a7b6af8eb6e46cd7590b358c988b5c9d%22%2C%22session_count%22:1%2C%22last_session_ts%22:1671099926552}
www.thestar.com/	1970-01-20 16:57:15	Name: rememberMeML Value: https://www.thestar.com/?redirect=true
.www.thestar.com/	1970-01-20 17:47:39	Name: ts_s_ecid Value: MCMID%7C45260495460690880700815615972614243332
.thestar.com/	1970-01-20 17:47:39	Name: _ga Value: GA1.2.992549094.1671099927
.thestar.com/	1970-01-20 08:11:39	Name: _gat_sirwidgets_0 Value: 1
www.thestar.com/	1969-12-31 23:59:59	Name: BCSessionID Value: d94ba0aa-a223-4699-a3f9-c2ac50940881
torstar.blueconic.net/	1970-01-20 08:21:44	Name: AWSALBCORS Value: sXuk/HpomrqqctGrhsiKMv1oXQyBPkCSJNtr9gftET2eeYnNldhYFgt4sZYyfDimneEQC4EC/OMMJRxpZ66CMyvDspzoOgxGjUwv2z42YEnqc8b93WU2XTe+2K0m
.the-ozone-project.com/	1970-01-20 10:21:15	Name: ozone_uid Value: 2IwkFh6sGBeUcSukm2rI0ToNziu
.thestar.com/	1970-01-20 10:21:15	Name: _fbp Value: fb.1.1671099930770.238360820
n511.thestar.com/	1970-01-20 08:21:44	Name: AWSALB Value: eR5wgGdxGnd5tJXjLXJKqCqBAcV8qOgPqiPsSV4iKNUMLDHhb+vkdbdoJ6JL4C9MVw/pQ4epr7dzxeEahlB+5Mg7hd+W8rTfazC69RYqrtJjG79tAErTcOmw8oad
n511.thestar.com/	1970-01-20 08:21:44	Name: AWSALBCORS Value: eR5wgGdxGnd5tJXjLXJKqCqBAcV8qOgPqiPsSV4iKNUMLDHhb+vkdbdoJ6JL4C9MVw/pQ4epr7dzxeEahlB+5Mg7hd+W8rTfazC69RYqrtJjG79tAErTcOmw8oad
.thestar.com/	1970-01-20 08:54:51	Name: s_nr Value: 1671099931964-New
.thestar.com/	1970-01-20 16:57:15	Name: s_nr2 Value: 1671099931967-New
.thestar.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.thestar.com/	1970-01-20 10:21:15	Name: _gcl_au Value: 1.1.2007690682.1671099932
.twitter.com/	1970-01-20 17:47:39	Name: guest_id_marketing Value: v1%3A167109993235065428
.twitter.com/	1970-01-20 17:47:39	Name: guest_id_ads Value: v1%3A167109993235065428
.twitter.com/	1970-01-20 17:47:39	Name: personalization_id Value: "v1_PZR6oIcrXWduJAUebAuVgA=="
.twitter.com/	1970-01-20 17:47:39	Name: guest_id Value: v1%3A167109993235065428
.t.co/	1970-01-20 17:47:39	Name: muc_ads Value: cbddccc6-210f-4c4c-b8b5-08bd2daea800
.bing.com/	1970-01-20 17:33:15	Name: MUID Value: 3A476029D4FB68081E857252D5AC691D
.thestar.com/	1970-01-20 08:13:06	Name: _uetsid Value: ce49aac07c6211ed956df9adb7a9a0d8
.thestar.com/	1970-01-20 17:33:15	Name: _uetvid Value: ce4a21c07c6211edad309764e1ff9ee9
.thestar.com/	1970-01-20 10:21:15	Name: _rdt_uuid Value: 1671099933004.b64cb375-79f4-4031-94a6-60408721ac6b
.doubleclick.net/	1970-01-20 17:33:15	Name: IDE Value: AHWqTUn1w4tcdyYTfldoZIGKDIPtSYipG_EsuWj6OQ0VIDifMAapjgWKkR3mvELb_PY
.thestar.com/	1970-01-20 17:33:15	Name: __gads Value: ID=09e05c0692c37221:T=1671099931:S=ALNI_MaX9pgChGXogO4D3o1ffeXqsJbUOw
.thestar.com/	1970-01-20 17:33:15	Name: __gpi Value: UID=00000b92b42f00a0:T=1671099931:RT=1671099931:S=ALNI_Ma-_IXM9gCuGklBLVEMUSqpO18R3Q
.pubmatic.com/	1970-01-20 16:57:15	Name: KADUSERCOOKIE Value: 3F61B126-3179-485B-B7DE-131989465663
.pubmatic.com/	1970-01-20 10:21:15	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 08:13:06	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 10:21:15	Name: DPSync3 Value: 1672272000%3A241_201_227_245
.pubmatic.com/	1970-01-20 10:21:15	Name: SyncRTB3 Value: 1672272000%3A220_13_7_161_56_54_21_251_3%7C1672358400%3A35
.linkedin.com/	1970-01-20 08:54:51	Name: UserMatchHistory Value: AQKTMkmrTzwl6wAAAYUVUWJATwkjwYwUW6LscvqTd7E8WBm8huAhKPEvI16hV5eQmA8vWQiB1kkO8w
.linkedin.com/	1970-01-20 08:54:51	Name: AnalyticsSyncHistory Value: AQIIbTnG0LrL8QAAAYUVUWJAHAJ6Wi7WXqyoXmS7ccETs5M14I4rEyaGJAp021PcYlwEn3TQizMVbRyYOIf2nA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:57:15	Name: bcookie Value: "v=2&5de4bf8a-cb24-4130-8e8f-db3c6f2d4ac2"
.linkedin.com/	1970-01-20 08:13:06	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2788:u=1:x=1:i=1671099933:t=1671186333:v=2:sig=AQG670HUWHzqFLLjy0lHEXbahL4sfRyz"
.thestar.com/	1970-01-20 16:57:15	Name: _pin_unauth Value: dWlkPU56QTJZV05oTkdVdFkyUXpaQzAwTVdaaExUZzROREV0WlRVMU5UazBNMkZrTnpFMQ
.www.thestar.com/	1970-01-20 08:13:06	Name: ln_or Value: d
.adform.net/	1970-01-20 08:56:18	Name: C Value: 1
.adnxs.com/	1970-01-20 10:21:15	Name: uuid2 Value: 4818220284326262611
.adform.net/	1970-01-20 09:38:03	Name: uid Value: 8075392156318716458
.de17a.com/	1970-01-20 16:50:03	Name: guid Value: 1.8511140874028250531
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.www.linkedin.com/	1970-01-20 16:57:15	Name: bscookie Value: "v=1&2022121510253304db0cb6-a176-4313-8a84-8cb278e3b54dAQHLgdUDoTgvUs-sIlkw5Hb1SNmwlBn_"
.linkedin.com/	1970-01-20 12:30:51	Name: li_gc Value: MTswOzE2NzEwOTk5MzM7MjswMjH1hjLwW22o5M5Wsf2v2CYixf67kiV2pCzZZWqOVcCZZA==
.weborama.fr/	1970-01-20 17:37:35	Name: AFFICHE_W Value: kDMoe@9dfNSQ69
.simpli.fi/	1970-01-20 16:58:42	Name: suid Value: FCB26A897B5B402F9F109F28B2AC6C2D
.zeotap.com/	1970-01-20 16:57:15	Name: zc Value: 9d4188c5-d9aa-4e7a-7c25-1efae9f0d650
.pubmatic.com/	1970-01-20 08:54:51	Name: KRTBCOOKIE_336 Value: 5844-8511140874028250531
.pubmatic.com/	1970-01-20 08:54:51	Name: KRTBCOOKIE_57 Value: 22776-4818220284326262611&KRTB&23339-4818220284326262611
.pubmatic.com/	1970-01-20 08:54:51	Name: KRTBCOOKIE_391 Value: 22924-8075392156318716458&KRTB&23263-8075392156318716458
.pubmatic.com/	1970-01-20 08:54:51	Name: PugT Value: 1671099933
.amazon-adsystem.com/	1970-01-20 12:56:47	Name: ad-id Value: A90Ye5_iU0hthrrE3nN20y0
.amazon-adsystem.com/	1970-01-20 17:47:39	Name: ad-privacy Value: 0
.mathtag.com/	1970-01-20 17:37:35	Name: uuid Value: 15b2639a-f61e-4800-b27d-1ba89abe02ca
.openx.net/	1970-01-20 16:57:15	Name: i Value: f10e4c6e-b202-4e23-a98f-5619c463d376\|1671099934
.bidr.io/	1970-01-20 17:40:09	Name: bito Value: AACv5k7HNewAACEsxACgrA
.bidr.io/	1970-01-20 17:40:09	Name: bitoIsSecure Value: ok
.pubmatic.com/	1970-01-20 08:54:51	Name: SPugT Value: 1671099935
.bidswitch.net/	1970-01-20 16:57:15	Name: tuuid Value: b008e06a-f892-41c9-ac81-2d74b34af66f
.bidswitch.net/	1970-01-20 16:57:15	Name: c Value: 1671099936
.bidswitch.net/	1970-01-20 16:57:15	Name: tuuid_lu Value: 1671099936
.casalemedia.com/	1970-01-20 16:57:15	Name: CMID Value: Y5r2ITFKQROx-qxcAE9.AgAA
.casalemedia.com/	1970-01-20 10:21:15	Name: CMPS Value: 717
.casalemedia.com/	1970-01-20 10:21:15	Name: CMPRO Value: 717
.casalemedia.com/	1970-01-20 10:21:15	Name: CMTS Value: 1869
.yahoo.com/	1970-01-20 16:57:37	Name: A3 Value: d=AQABBCH2mmMCEC4bOCkT36ac8Fl4WwUeUEYFEgEBAQFHnGOkYwAAAAAA_eMAAA&S=AQAAAqsIDz6D8MoTdo5wXYjql9M
.analytics.yahoo.com/	1970-01-20 16:57:15	Name: IDSYNC Value: 199b~28uy
.smartadserver.com/	1970-01-20 17:41:54	Name: pid Value: 1225131243964191040
.360yield.com/	1970-01-20 10:21:15	Name: tuuid Value: a534d334-083b-40df-8701-87693b31e039
.360yield.com/	1970-01-20 10:21:15	Name: tuuid_lu Value: 1671099939
ads.avct.cloud/	1970-01-20 16:57:15	Name: uuid Value: fc8567c4-55ea-4b69-9508-376bc035e968
.3lift.com/	1970-01-20 10:21:15	Name: tluid Value: 4409907857632730871930
.the-ozone-project.com/	1970-01-20 10:21:15	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI0ODE4MjIwMjg0MzI2MjYyNjExIiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTA6MjU6MzcuNTE5Mjg2Njc0WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJhdm9jZXQiOnsidWlkIjoiZmM4NTY3YzQtNTVlYS00YjY5LTk1MDgtMzc2YmMwMzVlOTY4IiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTA6MjU6NDAuMTEyODY2MzM2WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJiZWVzd2F4Ijp7InVpZCI6IkFBQ3Y1azdITmV3QUFDRXN4QUNnckEiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxMDoyNTozNS42MTcxNjA4MjRaIiwic291cmNlIjoiY29va2llIn0sImdyaWQiOnsidWlkIjoiYjAwOGUwNmEtZjg5Mi00MWM5LWFjODEtMmQ3NGIzNGFmNjZmIiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTA6MjU6MzYuOTg4MzczMDdaIiwic291cmNlIjoiY29va2llIn0sImltcHJvdmVkaWdpdGFsIjp7InVpZCI6ImE1MzRkMzM0LTA4M2ItNDBkZi04NzAxLTg3NjkzYjMxZTAzOSIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDEwOjI1OjM5LjczMzQ5NDAwN1oiLCJzb3VyY2UiOiJjb29raWUifSwiaXgiOnsidWlkIjoiWTVyMklURktRUk94LXF4Y0FFOS5BZ0FBXHUwMDI2NzE3IiwiZXhwaXJlcyI6IjIwMjItMTItMjlUMTA6MjU6MzcuMzk4NjM1MDU4WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJvcGVueCI6eyJ1aWQiOiIxYjdjZmNmOC1hMjFhLTQyM2QtOThkNS01ZWU0MjExZjIyMDYiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxMDoyNTozNS4wNjQ5OTg4MjVaIiwic291cmNlIjoiY29va2llIn0sInNtYXJ0Ijp7InVpZCI6IjEyMjUxMzEyNDM5NjQxOTEwNDAiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxMDoyNTozOC4xMDA3NTM1NDlaIiwic291cmNlIjoiY29va2llIn0sInRyaXBsZWxpZnQiOnsidWlkIjoiNDQwOTkwNzg1NzYzMjczMDg3MTkzMCIsImV4cGlyZXMiOiIyMDIyLTEyLTI5VDEwOjI1OjQwLjQzNzEwMDExMVoiLCJzb3VyY2UiOiJjb29raWUifSwieWFob28iOnsidWlkIjoieS1OZDdpZ1pwRTJ1RlFDWlZCMlc5WVEuTEU3UU9fUEMzeklxUnBDR1UtfkEiLCJleHBpcmVzIjoiMjAyMi0xMi0yOVQxMDoyNTozNy44MDQxMTkxMDNaIiwic291cmNlIjoiY29va2llIn19LCJiZGF5IjoiMjAyMi0xMi0xNVQxMDoyNTozNS4wNjQ5OTYwMTFaIn0=

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 166) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-89005e590c0ebf15682032cbfc0ab566.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/track-89005e590c0ebf15682032cbfc0ab566.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://dev.visualwebsiteoptimizer.com/deploy/js_visitor_settings.php?v=1&a=354908&url=https%3A%2F%2Fwww.thestar.com%2F%3Fredirect%3Dtrue&random=0.590314950030782(Line 2) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/analysis/4.0/opa-74021bde9081c83799a0980273db90d9.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.thestar.com/?redirect=true(Line 184) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://d5phz18u4wuww.cloudfront.net/vis_opt.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-89005e590c0ebf15682032cbfc0ab566.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://d5phz18u4wuww.cloudfront.net/vis_opt.js(Line 218) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://dev.visualwebsiteoptimizer.com/7.0/vis_opt-89005e590c0ebf15682032cbfc0ab566.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://www.thestar.com/static/clients/torontostar/TorstarDeckCondensed-Roman.woff2?rf Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=385389163553? Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.doubleclick.net/ddm/adj/N7050.197812.NSO.CODESRV/B24540798.279406836;sz=1x2;ord=385389163553?(Line 142) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://dmx.districtm.io/s/v1/img/s/101995 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	warning	URL: https://a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=3F61B126-3179-485B-B7DE-131989465663&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEB3lbQbBbHLSp4pQGCW4zGE&google_cver=1 Message: Failed to load resource: the server responded with a status of 502 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:15b2639a-f61e-4800-b27d-1ba89abe02ca&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10230056.fls.doubleclick.net
a1b2d19326a1f3565bb6058f12743751.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad.doubleclick.net
ad2.360yield.com
ads.avct.cloud
ads.eu.criteo.com
ads.pubmatic.com
adserver.pressboard.ca
adservice.google.com
adservice.google.se
alb.reddit.com
analytics.twitter.com
ap.lijit.com
api.permutive.com
api.thestar.com
bat.bing.com
be54a597-6b6d-4e2d-9d31-642310a8db25.edge.permutive.app
be54a597-6b6d-4e2d-9d31-642310a8db25.prmutv.co
btloader.com
c.amazon-adsystem.com
c1.adform.net
cat.fr.eu.criteo.com
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.petametrics.com
cdnjs.cloudflare.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
cr.frontend.weborama.fr
crb.kargo.com
csm.eu.criteo.net
ct.pinterest.com
d1nxn87txdj54y.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
d5phz18u4wuww.cloudfront.net
data.ontario.ca
dev.visualwebsiteoptimizer.com
dis.criteo.com
dmx.districtm.io
dpm.demdex.net
eb2.3lift.com
elb.the-ozone-project.com
engagefront.theweathernetwork.com
events.kumulos.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image6.pubmatic.com
images.thestar.com
img.sportradar.com
match.adsrvr.org
match.prod.bidr.io
match.sharethrough.com
misc.thestar.com
mwzeom.zeotap.com
n511.thestar.com
news.google.com
p1.parsely.com
pagead2.googlesyndication.com
pix.eu.criteo.net
pixel.rubiconproject.com
pixel.thestar.com
play.google.com
prebid.the-ozone-project.com
push.kumulos.com
px.ads.linkedin.com
query.petametrics.com
region1.analytics.google.com
resources.thestar.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.pinimg.com
s.thestar.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sr.studiostack.com
ssbsync-global.smartadserver.com
ssum.casalemedia.com
static.ads-twitter.com
static.app.delivery
static.criteo.net
stats.g.doubleclick.net
sync.crwdcntrl.net
sync.mathtag.com
t.co
torontostarnewspaperslimited.demdex.net
torstar.blueconic.net
torstar.gscontxt.net
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
uswidgets.fn.sportradar.com
widgets.media.sportradar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
www.thestar.com
x.bidswitch.net
z.moatads.com
dmx.districtm.io
100.25.1.9
103.229.205.243
104.126.37.25
104.16.125.175
104.17.25.14
104.18.1.175
104.22.24.87
104.244.42.131
104.244.42.197
104.26.6.139
104.84.56.209
108.138.7.116
129.158.208.173
13.107.21.200
13.107.219.45
13.107.42.14
13.224.189.100
13.227.211.231
13.248.245.213
13.32.27.13
13.32.27.38
13.32.28.197
13.36.218.177
138.68.96.220
142.250.181.226
142.250.184.230
142.250.185.138
142.250.185.162
142.250.185.198
142.250.185.226
142.250.185.97
142.250.186.134
142.250.186.67
142.250.186.68
142.250.186.98
142.250.186.99
142.250.74.195
142.251.5.156
143.204.214.20
143.204.215.46
146.75.120.157
15.197.193.217
151.101.1.140
151.101.128.84
151.101.129.140
151.139.128.10
157.240.201.15
165.232.66.42
172.217.16.194
172.217.16.200
172.217.16.206
172.217.18.14
172.217.23.110
172.217.23.97
172.217.23.98
172.64.154.237
172.67.73.13
176.34.141.217
178.250.0.129
178.250.0.130
178.250.0.138
178.250.0.139
178.250.0.160
178.250.0.162
178.250.2.129
178.250.2.151
18.156.0.31
18.194.0.5
18.196.238.199
18.66.147.30
18.66.97.65
185.60.216.35
185.64.189.110
185.64.190.78
185.64.190.80
185.64.190.81
185.86.137.108
2.16.238.147
2.18.233.180
209.191.163.208
213.155.156.166
216.239.34.36
3.126.197.232
3.248.100.224
34.107.254.252
34.111.129.221
34.120.23.223
34.247.240.197
34.96.102.137
35.190.14.224
35.204.74.118
35.227.252.103
35.241.9.51
37.157.5.142
37.252.171.149
44.207.211.100
51.104.28.77
52.30.188.40
52.49.181.242
54.155.18.159
54.171.1.252
54.229.65.185
63.35.78.131
65.9.58.133
65.9.61.60
65.9.66.56
67.220.226.234
69.173.144.165
88.221.169.143
95.101.111.154
95.101.111.162
99.86.3.236
99.86.4.32
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0161411eb07c7eed568cee35d72579fbcd42238678effbd461afaa6d1cdbb958
023fe23d65d9b7d599635de857da2d08330acf9bae441a8ca8e03c9a9bee20df
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
04293c933dfb611c4b07c2fe6e8d51cc0a89e87d01e069f4516267e137a5024e
047bbd033f518da9326f5f7c4e9b1bcb42d50ba17baec2442fdcbd639decafcd
04c7f0fb4e354a7e2cbd455dfafebce4feb2c393b7bbbcfc22066af20f5ea347
062d2fd679c7aec2ea13b97fa6f36cf79d8cb5ab76b1ba346b89fae72de7e51f
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07c2c7dd3cd4b1b52e2d71942ebcc5eac1646d8af64df95f4147aaebf3653b0b
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
092433010c83e4e157d859c0712053ad168b50d22fcc8095a7ef133e10cd3aed
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
098ac1fe26b8dcbf76d32aa5db27e6112d093743f9a3e4df1dc529c131df4363
09991f35e103cb990cf0ee1dcc434e9b00a42486ef9cfe9ae68975d95f335bd1
0a22786b854937af5820d7e7c893edafd508d2322eae29c8f815a729c8a5df26
0ac24e3236fabe6fbecebd5eac5151f80ac9444f5ead7e433018883bc50ae6d2
0b6de811826f20d2d8af8845e8d74133a1c718b86a9dab4b2b1c0bb8132a09d3
0d448d7168293ecccaa0ec580dc913e5fa873c7e4c36bf86b4206da01d873f3c
0f10f306800688e4f0063512ff6fb92ce005233bbc9a2cc7503a1f61796fbeca
0fc056e127e83d2d08a573848695b784b5852d1c84fb3063915158ec556246cb
112cd72024a6af4adc2d26add5d1ffc6e14d08d4663dc5279a922439fbf62601
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14736ea197ebca8a0d176ead1e22d2b1cb277d5c37a0c2780cff25f24bd56800
14da5772710fff9ecb26b35dca2a59dc63cc59e85afa16cd24082c49916b619c
14e860c59261c99ef9465777acb1d0f741f45218117cd0ba6d40f078c37c6976
15dd7383a83a39ff0aa688707cbb570e914350a5d0d6fa3bc1495ca46e5e615a
17659bedbfb7966dada8d149a4adac6bef774310be0a08ba1060b82033785281
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195cbca5cec4ae7864bf2df0af303348f82d032fcd111441bf62d5c352cce935
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a8329c3a789347a61f27af4afb47bddea014db4b98b4f6161d0433cabe226a7
1be5f9054dd4062a5df289191f877e1fb6c0d16d266a2c6a32bdf8da1e13e3c6
1c05f76c5b49f14ca1a334c998abae93ea9bb3513499fe98d33013a3bc075621
1d624ab8c3c164368e105fc17ba9eb43b397d9662ef2db48a8cea085d860037b
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d9a3cf93e6c58e17e0dbaa54a8b8b2726075d32777080a1e4cf241fc3e265c1
1e84ec08e834efe1e1c9df97bbe8ab9451a8df80fd6ecfe29fb44e3d3054a52d
1f03b977a279b351799152fb2af429b68a82b3b08d2be2fe56eb855e9e5f6e44
1f7c1000f7412bffc29f54ce50c31c04442dcbed4432388f87840ae808be7eb7
20b9cd2a5e2125ece15cc0d11ae35586a1e9eb4bc90226eb3df789adf191be61
20fb0dcce2af0b57f79584d0d282730916680ceebe9c1cfe7b502a9c238fb18f
23bb265220c685f13b2ac01c2be1d35dd6d9f85006cf5545ec188069ba3dac64
245c651d9f27e8e9cee5fde8917a34731cb9aa5ffda2cac731370b3fb9de7d50
24758dee06483ee86fb9d0a393ba368faa19154bdd8659c9de20794afa488f8a
25e5c10cb58300c92e6d6065fa0ea49a206499c58a2f1152af1deea8f34a5066
2b6a59cd150d86a347f70844bc75b8caa0fba4d62156efce7e94df8d8e41fc9f
2b6c24d50ab77a4245c2b671070daa00cdbea74dcd6a8de9794d55791e262fa4
2ccf5826587f4ddc6021bbef0d21ab5f5ca0ae2e62f546635570cfb74bc1b5e7
2d544d485ac09ba55e1dd3c97c7160a071fb7ff8e7c46266b1b39c7b0097d437
2d767fe00284ba315844a0f61f8f69721df84ca58781e8b960455fee618c9778
2d8d372e582ae453124c43619b5a104145cc9dfdc0c0704b42aa013258ed5294
2dbf2f018be859838890bcc1fc0696c7ec7962b10169bdaf5ef9d91ea408f99d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3db724b393f39920a94a2ab7767929530374d8b52c18830bba21fbd9c91483
2e8bcceee3891d8a26d49b809829774932a57f99ace2915edeed938f77c7a222
2f1bd6bd1de6aa1df427a46eb9ce5fbe77d40520860879493f77e19f33329213
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7f3c94b425efd4c72918d6a824d3e6d58313eaeb92d1d5c0c66f35ea941b31
30ec909b5721dcf0ef1f97abbee5c069f39f9fe3a9c9a73e37dc50f24f25942b
315b703836da97c6a588734471bd908afc143a0b6b812ef09784099f5826399c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3184fd632cad5dc9eb8f35f6aa4337af5d37a62db990efdef3b82d390827c81b
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
321467d63f603f7090d1a5d021689eb07328e5aee38d15cc6ef9ed15af81ad4c
32473a7fb0fb429b551fc40f0ba4db493f429ea10f003003df856fbfc83ee1db
33a5aa09fe779bff8e3a2577f8a828b77fe6ede36a6105d835522e752c430d85
360b38b1a37784f2d81d3a4aeb32c828c0b45dfe91f65b1c74a617eba261ff49
3627618f4a064f67292dff0923835f8a354eeab39659a8de90b1e820d661c0c0
364b26f9348a46db9215ea1145f9a03717d1fc11e6d21679cc284a283bb06f8c
36a46e4d3e4c4ab8d8f61a91b00d67677ab93fff1c30994bc271496091ffe3f8
36d6da6bddbe0683a9ee934c99439cb7423dc1ef960162e6026fcd2dd504087f
37621787fdf15fb6b33572c2f7841f36bd71f87d8a4d5535f99b6774e7eb5691
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
38254c821b6bec9ee36bb8116cf81a16b0a9c2a51f97cacdb483b4fdeb6e3821
39c4598078e4d82cfb06034810424d3662ddc0893891e57940134e7c1fe09206
3a102a182fde4b359aa380af37a4fe0f341290102d929d493f8abf30fd493d7c
3c39f4c344a99cc3c2e218636a25c69d4e917468ac61cd6e6c184ea76a23d8f7
3c40eb2445be3674ee28b2a819223dad84309b9b096e57a6ed7601aad8e6df95
3db1717afa872b8234dc813f0846b032eeac02c1aa5ebdf26ae46c2f2c8219bb
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e54047a5de69628d87570753a0bfbcae01a1375bc54d1b3819751e211b602b9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f87a595313e77268947908a86741a064f2ea6f88627996a22a9a1fe65443be5
3fbf84bed1ec3d2165803012e121eb38c4c380d476a795850dff51fe95989187
4184cca79f5bf9f2307db11b9ea1db6542f8af3bbe4947300720c742e935f73b
435f5b4b6bdad2aa44d4ca12e35984cf3e7d635aef0eb87b60fec70ada20ed8a
43fae1fa8a38225ca21e66b1819af72c8928b58d0c53838b32dcfb5a82ff6697
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4466f366b2897f4839ba95e1b5d96fa3c3e11cadb7fe0096afb3a5a97b872ffb
448edd4a71b4ca28931010c1c2166872801702a420ff549a7c757edf863d7530
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
450f3ba4e47ee174bd9692b396f264b907d37d2528f53911760f3d0edb785f7e
4542b9d8c313c5e4232bc17332661fe489a19378e2d3c69ae4579dec0a314ddd
4568aa9f2365949b19889d2edad0a33ec6aefdbed4b7c2698a2aaa12509656b2
459e95cf842f6dee4b6aafa23a5fcc6f65c228390c131da04c47ca997b2b0e94
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
495b7c7c3765a39759131debdf44c8d98832b57b33b826c9c683087ce9f91313
49cddd09106043a53dae9a1b2d6e8a5d3d6530f19bf0c942a03bef05582bb656
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4aac21be10afdbda7f8473604eb829b85a32cc3a383ec81816eb868a953e1d11
4af801c6866959bf4e30e504775eb8ef92569874854ba490aa7ac39a23723117
4b123f8e3a4b0db9c32f6add4b53ac3b66afecd0ac6c0b17a90e1451642f7418
4b4e80032e1c164685d3ff6eb4c606785ebaebaa648d3984478b0cc8d114190b
4baf1f8d152b97458890b22fef3b1a965a8fbd9f2207d4b8c51fc6e1e5d401d3
4c7ee67a4a7168b8dea0055b9fa4b364a6967b7c694b733519e3b4756d272a46
4c9d535e4ba18aadcc6008e17f8447248d04dd3f173f5dc30d1d663ca8a8a71d
4cd5158b8032b8bc89110a709e1f5ed949f5eda60ecf7d164c7d05acf2eefb4a
4d24bf9a18070a06663ddde9e60e5833cd3dfa33b34b27da893b621b1df8a56e
4d745e8b5de29c794d781c7dde118aa34cc84377b9d6218fd6368895b97d7a14
4da8f4d2d20833c254b092ab30d0ebaee5e3d93716e320773ff55c27c353796b
4e055c26ecd439ee73765fc8f167b4f23eb9b92608c70b2068b0bc7c3baeb9dd
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f1e2b8d644e853ba2e299358ce11ce17b7c128bff692cd45277dc52909b326d
4f5258b77094e2764ed3cbaccfa9a241723c11ed8f813f857eb176e5f9a19bce
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
502a19bd8010b390245ee5ce7cab84a4250da24d548828b555a53a68cfbd8db9
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53c67f888e77494785ed5083c2781b761509f173df12001d96ac19c3f2fca600
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
55e9b9403b33b58e73a6f2915ae127ab0ac3ed0112d2c66dd155ae09ce7cf2c0
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
57d73d188a6162bec272876156addbd7b02a2c6941c45653b8d3453e998e0b5b
5954ef8a3e4b8d537942fa60b6449e7220636a6adf07a728e54287d2a0039223
59690c043b6d4ebde3637a40f014624845672d25662b45eb6926b227a894d2f6
598e6fdbdcea0672e5b866da5737a51487f88b7f360c901cf48cbed1c3f6caee
5a861c45474aced0df646c7e469d8e72f9c41fe3605408f2f6e49d816d279774
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ac3beb9a5f19dec42378f034dac37d91551f3d83aa5de5157d9c35995c1a54e
5b2d8b1f9217ee760d1687628da415805d1e9cb7aa381de19f81e51dc0c0d7f4
5ca97d6a98c54f623914b3d9cadbebea52e6c9fb99426d16eaa84ac571eb4025
5f8f2739eab8542e8316b8d27f96040f31ae37bba3f5247dc55a7a32d1eac773
6026f648c50f33508e68dd338b9fda571587467342b3de317b96af4b87894c20
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
60f49cf33a1dda83996fc7b213280f2fdf40af97bc73f0074ddc9dff83b2754b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
63e15e047eeb94f0762c3b88449177a185391d45e096651f15009359c74fe313
640d7db3e4c80eaff4b1ca5cff0e33630c9a77269e1a99efa069b821165247d4
641153b2ad78e5d095645419060a4ea0854b1b3ec5ff27e99644c9f8d461610c
641f574c34b195534164c65a14356a749352e453ff43cc7f7312f23fa0fd561e
645f956c61a6a68de775ede8b175aa3d2ceb73f36a2967c4b033dddc1e8b918c
6496f4f87d0be72e6e6c054818198865c20fc41899cc558b533c294fc8288dca
64d7bbb4fd6818c8927839fd2a3f95a81b4aa6d5792ce8fdb49014d4066da0f9
6686b4baea5858923f283046e32fa3c84e160e9d491c03f2b291e49237ff4762
6695e4c6e9da48a120eeda0104875738d04769eb7032493aefa38c8545367c35
6707bbab4dbba0ac7fce42d70d1a036d37a9e2fbeb320156e9d960e193c1d6c9
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
682f0d891ecceaa6985893d840a78a2bb4c781330dc63ddbfcce5f98f5003eb8
6a5d134ce0702f55663b83e6d4a9d300e38f9328f96f1651419111712f9f02cb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b81817498af5e4b6a374d4fafa0f2f42fd8b8fc81ed36444ce73c273e1a568c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6bd4f1d599be4d43843b7dbf5ec5e134cd7aec0c900ac1c030ead10bbe4ea1
6f0cf975c0af30f364c187c27f76f5ca4c8146f95a98b3388b1abf3bd044eee8
6f8f56a9c5d675cf42cfe6fb885c1c16058c3281059b1335cee14baa4ab491df
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fad125ac3b5621b5c6a42f743fd300cf329d1377c3e2c0fae8e57896a8e82c
732d62721e90f0b16bca7a3a43b89eb3a801fbd892c75be871b3b193b93d0972
734330c7274b200adef4f848d98a1b35a8f6a8ef4ace4d7f3d5f7e323da79c02
737e463b95210264b08e788a164f94545cedc5ff227ffd36d29b0643bf1e7bce
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74b0ad1db45bdea5135d72b4b35b05178b062b7b08ed698d98885c2ec9ea7652
75403ea985ed1a051c8219f35940f43d9865fdc2f0ba7ad913945475e7ddb854
75ebdc93911e3debd08a0a1d7454b5a3ef365df822809d227d5ec2af11a86bbd
761f3f860ab5eba9b6f05d233d99c8bade27165e8006dffda9429ce6de20c407
77358e88e4d70191891544307a0a8677145d760e51eddef0293111d5a3008683
77a41ca8f153979587e08aab5398d268323f047d1242a800c021ce826ba8fbc3
77d626a876c1a69194fefaf80ac4c784e8fe03ea9810cd6b0ba486032cdec3d5
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c63888d02b9bade3b9f57dfa3f0d159fcab60c8ca12817bda4b707c937aae35
7d241e76fab5c5eba6535678bfde9777f7b142605c01ae285a5b82984e765aac
7f2d38cee234212a32f764510cd10b7d056266dd80f0e4774a1b3f9d0a590bd2
80d12cf6af8354ae86fcb5972f0a07ea9e239a135d83d5534a4026550545d880
81213e09ec09abe060a47d101767ef8f2d2cce6f1212b237541cba0445bf730c
822abd0014493280715e641732fd9ef1543ebf20fc6a7e413c3c36cda099cbd8
82f59a30f5185074ab367843e8f649d0e2f4f6bbff6db8c9a852931d220f0699
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
88a2627da94b4cad8210d3c0e9acccfa07b0ba30cf07487ea7eb82b416de92ef
89203a48409767e8e5eb40c9ae27fd6430b858aa76dc419a4fc203cced57960f
8932a984791f39fdead858f32cbe258c961b2a49d59295f6186e6856de6632a3
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8a6b8d6189b119e313f4a30078a824eb0f8380061744a9812783734ea66636aa
8bc7ac2277df8fd580df4df070bf294bbd9440131ae0766b7542b27b82caf59a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df00eec032790021597a4e83a08c313dfa9f323b33cdbf459905386a3aad9a0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f873bae7685fa7402b4bbfc9044362459efdc1618b06b4f3702dbb273123c9b
9047e2cfbd474818326eedd41d9b9bb75061d019c09e55c03ae65a3e2e30448f
9090355b6e372917709cd2e3bb7a6eb42438640afb5464ab6c5b7dfd1e3e569f
9125d6464bc58d961cb2734ecc4d90515d362d1b9b06d570d541448c339e9120
9255f9f186056d9c722c47bb75bf71f79690a0a85fdccf83481c6eca62552623
949c62cdb00cb8998e0befb43a0676e1c4e37fe8bac6fd227da5a35d673591da
95d9c0f840509ec5e24c598bdc5f0961fce84623b88b73fcc26821376adb66a0
95f4db14172013eb07b61d3933cdcee02d39e70569f86e2d445e637db2d62547
961734a1ad6f2cb695cfee32126bfb9f5ccb7bc6acf97b5691052209c2c9a33a
96bce0dc390de0439f3bb050107878d05765f4ad3632340aa63e610955462ce3
9a133709eff0bc969381e6f44dc7d3721fe37023458b53ee5641d1bc6f13a266
9a16ace082ee5d4603c6b28a3aac56154bf72ff307fbc72269270c3f3acea61a
9a47117fd6b0fcdcb43d864e3cd4c759a15a2a4050f84f0af1a88983f2765e6a
9a558a135bc6946c3acb1d54be778d157ac78565acc5e8d74da3ccd220d01ab1
9c2cf77e0bf0dde44d7c99ed8797071b40fdcd0f984e9235a92cfa506cc96469
9cd87dc511a1f132a0690fce2149a427e8075eaee076ca59a6efff3a9dd94329
9dd353d3cb4c4bc3fcc11e7f27efc692854c9393d6221271b3aef3385ad6293c
9e11612aa8fdd4ea644685df7f76e8d415df784cb86ec1c2dfef935ad70583ef
9e3e886119f0d3ed7e04c1af4d8c64f5d6f1a8507140aff79fa10cbead6b985b
9eb05a571f8f5180079edba312001f70c535f1a7b0e7c9855c6ae940a1d95163
9fab3b1b7382f171bf91105e66f0f5127065bb7cb93533598960b686de880849
9ff79f831706ee98020c617518d4dea792976313b1ce1ab3d07d12f4639bcece
a00823cb2fb19c0e87a1f41a6bd5352c93f463511f5eb42d27769074da319a42
a00ad9c287fdfe3fbbd7e418b2843e605752d892dc979ed3a9a6125aa33a1738
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0d806f95c55de2705d0891cffff7666c763af7922f7890bc8eea92ca0f1b6b3
a0ec8793ecc2c9d97dcceac6cce1de315e1a0cf7b6c5180060916c2d047c9a1c
a11bd248810cdf7bff6c46dd6d4619e639fa3ebf9e2cb2c39fd1169417308043
a1cd682604b6929f0a08244e71468e1f920ce4783554e5806760a43d0e0b1a43
a1ddc216c50c119c59f1ec80ae30cbadc0f24ce9e74984be9b155c369b146920
a1f5a285e11c885627ff25d396bf044d41c39e474eb4c65e9a4f14676fc91136
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2fa34a5479d7fe3b3e4ed5966e9d4249d2ab1fef2f54ff1bbd5dec86d004622
a31442e855e9446a36a7fccde1b08e0b29afd7f9eb74c890cb2ddf8b25d0d216
a368e10f98f84b85990d81f4ce950fdb97ff8c229b3370eeb8755b866dff0956
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a52376c24089ca091a0bcaeed02d6d76a0437da4920649c73168185167180399
a63cd466ee6309b4d51541877419b61da3751d573737ffacb94fa56ace48cb40
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a72c21ed358aa89f8a12b26443d2d1dcd9472fc534572122e6aebf2433a824d9
ac217fa597b7754bca874304308db97d8db94d4733d9027cccae8d7eff7eeceb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ae23a0f4f9691590cbb4c31723929d58d348e6f29eed0d93cfb096be825e5c91
ae315c29ae334453a9fe482d663ae85d33ae515ee3b8ed460f799ba085060a51
aed329f0644e7ec5ab69d50e12ccdfbb3a7a2c6378ef314c99a204e55bb5d10a
b070538b2ac9b7389b490be8d96aaa9d188e59dd330e174b01a52edce49eef8e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1cd43cb109808b125fb2a3cd2cc7c15ab7a4887b4ad721163944673be6f8621
b1eca01c842d1458d5b19f66a3268e406707fe5cc0fdacf6f207c3e3f97296a9
b3abab8c0524b6f876d36f99aedd1fb14317c2e3758d2bdf093362d458f6f199
b3b6d99d4c0ac0e30d8402972a98944c57dba4f5bc2f039066692b0648d32ecd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5425fef4de3efe663b669fedc49222d899957394803442eea536408e7016ddc
b5b2a6aabb0cdfa4bf76e8876600a3ed400d20382af69dd4f02d1d8b39f8e987
b616bd1f2625c0959aa213c245bf9e2c17bcd9744a64be887865c4658201cdfd
b61fb4733600b39bf28ee5d0c50188d89bf5c9cd2261e004c3c2d85c71526c09
b6b6cfc47a537a834e72a6ac6d4161e9353f05b55b3d3115e72a70d87a43c9a7
b6fac7e582a3ac8289126a4b8161fa8f2e9be6e47e01857cc147b70b60fedab6
b8dd12b4cc0283b0d20c31c231b8ae14fa61c1b64d594cd8f8c0ed1948acb3b5
b9dd3c1ec4b94f2ccb1af99101eb80c77290be7eec12e07e1dcb1b138781c23a
ba0019abe57ca54340c5b398863c811740bfe3d6419ce1f8966fff8e2da9899f
bbb5a4c469366e8d14b8cc3f0f29b3a6241bed783541327325bb117928d88094
bc2dee2d7bba673bee2abc6490f270aedec3e93055882daa0cd0a474388265b9
bc78a23615ccc46faf9c2f6540bf394a152c033c0a42773e059b47b35c44ca06
be2277c99594557635d0993ac606fdc4994494e43408bc1be5c6ac9bfabc5dac
c0204c308d2690913aae8d675cb5c7fe85ca7a4de2aa3a7bf515085bc6ee1a23
c0522fef58474869160f515ea601add767324b623a881069f2f8d5a4cb75735a
c0b550d22a42d979bae44714750b66b6d17e0d7bad10dcf443c03799bd06068c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c18e2c0430dae4a90ea1281694f07d8ec9c8865d526ff1f948cfd605f344d140
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3f73c2c5257463b0bddc3434cbfbccf8241329d29dcbad38b872cb5fdd17d2a
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c66e9e13a3e3179236a565bf93374bb31a9b60942f8ca4c7133758ea5823d701
c722a3cabb9ccaf939d3168401d5589617bc88fd2e359cabbe16df6752bf9901
c8cb02b101e2e9d5c698d957bbd43f45c5393d7e58ada105215d870405f700e9
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c982fb8f9251405427409102a2d61a2e2172fef50b18abf183e7d5deebf42ee6
c99734749ad79de9e3e31e74c52248541454b72c2bed5fcb0747c78fa4b052fa
cadd7c21df4fb1f3928d58363aabf18bd4bf14b37fbf79672fc0b4deb945dc4e
cb3225279aa937cb59eb4c7090bbd6c92967df4d8486a86d6f90fcdbee0ffc5f
cca1dee436baf2725df3fbc3ae66edd667aff987e33552c9f99e29be42df910c
cda8601fbf20636ea8c9db6c8263ba7e11a4ccd80cbe052d0ef14c444ebb0320
ce9782de72a0900279180f026d47e7d5766bb246a5517efa894560223a7806c2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
cfdd75ea6bcd97f0788c01c57f1a34f10d47e0bb5906616872d5e04e4f65f7e2
d0cc33c469dabbeb53c5bf989ad5e171ed080f3f83dace48ab1e7b39717b1424
d1a5cef928708ca7a4eb8105f983d486bc533af56addcb258a975e43f97ce84f
d2c586b036ff3aa56f27aa4e1380cd3c86056d36d9667e46c2094f5d5c2137a7
d4308d192449ab713fa9a883112c92a79a9678e4c9953eec851c3ce893119386
d4a5c90a048bebcddcc6b7e41008af3f42bb578a6d75438bce4e05da12b57c94
d4fc9449961bfcaf2f7390fa16ae693ff6cfd0fa4310aea9d2dc7541640c5323
d5216fe5bc0a5dc5bcb78d6be4d0d95d678bbf43d56dff9f14d45b7522135d1a
d52dbb69e46a929b07778d5deef2008160f131596bcf8496f6c6783488fd0a55
d53aa53a8ec2a5561ad19b4955ebb5dd5130fddc5b07bd01f18cba337525559e
d613f51ffc0e62b87113c8124e6cd4378221be0846746f472d88cb3cce937556
d6ac5b7edae70706983d79b731280c35fd2a9f08269871f792a415325a035217
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d6d627c1400f6246a64cfaff3165e87c18455e790b85df2bf319de0a06af4cd5
d84561c6e096fe5878858961ac473a3225075b9836c67b856713a418408375a0
d85850c885fe92574f866d77f638250a2747c691aa7f537b4922e28b368cd51a
d98942b504ffe9f347ae6da5775f3e4432d1f63f51cecf34a3bef251bb846673
d9fa8b070033c051a13a771943f4cab9d628d351daf572aaa3c26083258710d6
dbde35c04e1d7ee0a8392e1b2dd67888d7ac56bb6c05c3495ab73a279420e598
dc46445dba809944b9cdb588cc0788e7228f40850ff3dd810ebb79113a05f2c4
dcb6e3a0282c1a7737c3cb6274965cdae2670b58e1aa2dee99df14f66e53c353
dcc5f41d1dc04a19dccb2061dc9572cb46c1c19dd89cb5d910752020fa87e791
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1066abbe3e2cdfd9179a59518786b8d696b5496bf00f4431312adbd5895e914
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4be7f956a5bee1a33475e18df8ae5fa4783fb7b7533233a608ee627792cb754
e53a1375f8d36007187704ee2cdf6c752c3f8df8d5f4d8664e047d240b246ee0
e62bbd30403f2a5d4ba53cca05027f5283ed68c4cfc8bd74934ee6a9aca05613
e750cdadea240bb27de8e0417a72ebe1fbc4a683805471d2124c8138b382a13b
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
e96ee4202dd697f4757a0c1502f5b3ae79c0d59d0823d80a80ac3ed97132d861
eb0a3b6414dafcb1f62232ea03c34470af816bd8e10dfaca643a4e3958f9b102
eb30ce14583e2c7e1ad993d8b79d8672422b0f9814b8cf794b4e81900063575b
eb5f4383f425774d9d1870b942fce87d7cb799dc5116385ad8b1bf2098cb6a1e
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee4618bb5e5f9053b11f150eea7c38675e18c31753662b55a5cf212818241763
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee9c02b6ef7c57f2b83a0e88dab977f839560afb553d57eae49731bc5fa252ad
eeb0699c78d59c010277b0e15346b23ca8253cc9daccfc5be3cd22e7b068ba2a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08b2431c0f7b6cac8363713c93ff2fc851362538e78d076932abd6fd02d07fd
f1dc555b74071c11fb7bbcd86fa650618db83723a8828d04850e90ec73dc5898
f2ad5c205412991050da84a5578609acd2bcc88bfdbe94ff1ce5c9e3891e611a
f2c4b7d20ff42a433d0c76631c460cd75128f8f0436d052ce2cf79dc4fa6a244
f3e8e6482cdaaed4f4bffab132ecc638d2eaecbc9d3f86786b31177db070e170
f5355920a63bf1427f9146b2a5e4f3864126dc4fdb12b46a0aa213a6726d832c
f5d9b4d95a45cf4213f20157c8225a1bde6a0f0aa14c67f8c0137955626ee764
f6c1348dd12df2565d9d74ab79e4a23b5f38467ea7c14cee23a166862f93a747
f81d10f0f830c58d309764643a91fa083c00f9b726548d23435e6be3f937743c
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f8a6146c5150eded281c4becb27e5aa5a9cdca5db218560867bff67d9a6c98ef
f93b6e722398da13c2fbffc2218c6a46107ddb5e7be9030f9bd4a7e2cd481bea
fa943566c14f4abb8d797044fb848c174e41022bb78e065d52d55bb60d85c501
fbf2001fbaa154221dcd3f40564a6c03d7d844fb244f185c0eb39b1ef3df92ad
fbf4b1f343969be452f7a19969ae28e30fb62f6e65078054eced997d36e7a1fd
fec7384a7fbf4ba287754d74a2ea4e37e32dc6c79afa1f477da4c5622bd48c40
ffa6bc06a926bc06781adabe7da85251076ce9db36a05500a78ada65760c9354

www.thestar.com Open in urlscan Pro 13.32.27.13 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

484 Requests

94 %HTTPS

0 %IPv6

75 Domains

119 Subdomains

102 IPs

10 Countries

7163 kBTransfer

23320 kBSize

112 Cookies

18 Outgoing links

Page URL History

Redirected requests

484 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thestar.com Open in urlscan Pro
13.32.27.13 Public Scan

Screenshot
Live screenshot

Full Image

484
Requests

94 %
HTTPS

0 %
IPv6

75
Domains

119
Subdomains

102
IPs

10
Countries

7163 kB
Transfer

23320 kB
Size

112
Cookies

484 HTTP transactions
4 data transactions